FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e722e3c6-bbee-11e6-b1cf-14dae9d210b8	FreeBSD -- bhyve(8) virtual machine escape Problem Description: The bounds checking of accesses to guest memory greater than 4GB by device emulations is subject to integer overflow. Impact: For a bhyve virtual machine with more than 3GB of guest memory configured, a malicious guest could craft device descriptors that could give it access to the heap of the bhyve process. Since the bhyve process is running as root, this may allow guests to obtain full control of the hosts they're running on. Discovery 2016-12-06 Entry 2016-12-06 FreeBSD ge 11.0 lt 11.0_4 ge 10.3 lt 10.3_13 ge 10.2 lt 10.2_26 ge 10.1 lt 10.1_43 CVE-2016-1889 SA-16:38.bhyve

VuXML ID

Description

e722e3c6-bbee-11e6-b1cf-14dae9d210b8

FreeBSD -- bhyve(8) virtual machine escape

Problem Description:

The bounds checking of accesses to guest memory greater than 4GB by device emulations is subject to integer overflow.

Impact:

For a bhyve virtual machine with more than 3GB of guest memory configured, a malicious guest could craft device descriptors that could give it access to the heap of the bhyve process. Since the bhyve process is running as root, this may allow guests to obtain full control of the hosts they're running on.

Discovery 2016-12-06
Entry 2016-12-06
FreeBSD

ge 11.0 lt 11.0_4

ge 10.3 lt 10.3_13

ge 10.2 lt 10.2_26

ge 10.1 lt 10.1_43

CVE-2016-1889
SA-16:38.bhyve