13.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

freebsd

CWE-908

NVD

Published: 2021-08-30

Updated: 2021-12-14

Summary

In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. A malicious guest may cause the device model to operate on uninitialized I/O vectors leading to memory corruption, crashing of the bhyve process, and possibly arbitrary code execution in the bhyve process.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 11.4 Freebsd Freebsd 12.2 Freebsd Freebsd 13.0	29

Common Weakness Enumeration (CWE)

CWE-908 - Use of Uninitialized Resource

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References