Back to search
CVE-2018-17160
Published: Dec 4, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. A guest OS using a firmware image can cause the bhyve process to crash, or possibly execute arbitrary code on the host as root.
| Vendor | Product | Versions |
|---|---|---|
FreeBSD | FreeBSD | affected FreeBSD 11.2 before 11.2-RELEASE-p6 |
References
FreeBSD-SA-18:14
vendor-advisory
x_refsource_FREEBSD
106210
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now