FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
edf064fb-b30b-11e9-a87f-a4badb2f4699	FreeBSD -- Bhyve out-of-bounds read in XHCI device Problem Description: The pci_xhci_device_doorbell() function does not validate the 'epid' and 'streamid' provided by the guest, leading to an out-of-bounds read. Impact: A misbehaving bhyve guest could crash the system or access memory that it should not be able to. Discovery 2019-07-24 Entry 2019-07-30 FreeBSD-kernel ge 12.0 lt 12.0_8 ge 11.2 lt 11.2_12 ge 11.3 lt 11.3_1 CVE-2019-5604 SA-19:16.bhyve

VuXML ID

Description

edf064fb-b30b-11e9-a87f-a4badb2f4699

FreeBSD -- Bhyve out-of-bounds read in XHCI device

Problem Description:

The pci_xhci_device_doorbell() function does not validate the 'epid' and 'streamid' provided by the guest, leading to an out-of-bounds read.

A misbehaving bhyve guest could crash the system or access memory that it should not be able to.

Discovery 2019-07-24
Entry 2019-07-30
FreeBSD-kernel

ge 12.0 lt 12.0_8

ge 11.2 lt 11.2_12

ge 11.3 lt 11.3_1

CVE-2019-5604
SA-19:16.bhyve