This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
e722e3c6-bbee-11e6-b1cf-14dae9d210b8 | FreeBSD -- bhyve(8) virtual machine escapeProblem Description:The bounds checking of accesses to guest memory greater than 4GB by device emulations is subject to integer overflow. Impact:For a bhyve virtual machine with more than 3GB of guest memory configured, a malicious guest could craft device descriptors that could give it access to the heap of the bhyve process. Since the bhyve process is running as root, this may allow guests to obtain full control of the hosts they're running on. Discovery 2016-12-06 Entry 2016-12-06 FreeBSD ge 11.0 lt 11.0_4 ge 10.3 lt 10.3_13 ge 10.2 lt 10.2_26 ge 10.1 lt 10.1_43 CVE-2016-1889 SA-16:38.bhyve |