We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
Reserved 2024-08-27 | Published 2024-09-05 | Updated 2024-09-20 | Assigner freebsdCWE-1285 Improper Validation of Specified Index, Position, or Offset in Input
Synacktiv
The FreeBSD Foundation
The Alpha-Omega Project
security.freebsd.org/advisories/FreeBSD-SA-24:10.bhyve.asc
Support options