CVE-2024-41928
CVSS V2 None
CVSS V3 None
Description
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
Overview
- CVE ID
- CVE-2024-41928
- Assigner
- freebsd
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-05T03:32:56.561Z
- Last Modified Date
- 2024-09-05T03:32:56.561Z
References
Reference URL | Reference Tags |
---|---|
https://security.freebsd.org/advisories/FreeBSD-SA-24:10.bhyve.asc | vendor-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-41928 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41928 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-09-05 13:06:42 | Added to TrackCVE |