FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e73c688b-f7e6-11ea-88f8-901b0ef719abFreeBSD -- bhyve SVM guest escape

Problem Description:

A number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped.

Impact:

From kernel mode a malicious guest can write to arbitrary host memory (with some constraints), affording the guest full control of the host.


Discovery 2020-09-15
Entry 2020-09-16
FreeBSD-kernel
ge 12.1 lt 12.1_10

ge 11.4 lt 11.4_4

ge 11.3 lt 11.3_14

CVE-2020-7467
SA-20:29.bhyve_svm