VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 4, 2018· Updated Aug 5, 2024

CVE-2018-17160

CVE-2018-17160

Description

In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. A guest OS using a firmware image can cause the bhyve process to crash, or possibly execute arbitrary code on the host as root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Insufficient bounds checking in bhyve device models allows a guest to overwrite host memory, potentially leading to arbitrary code execution on the host as root.

Vulnerability

In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve allows a guest operating system to overwrite memory in the bhyve host. This vulnerability is only reachable when booting guests with a firmware image such as UEFI images from the bhyve-firmware package [1].

Exploitation

An attacker with the ability to control a guest operating system and using a firmware image can trigger the bounds checking flaw to cause a buffer overflow in the bhyve process. No special network position or authentication is required beyond normal guest access; the attack sequence involves sending crafted inputs to the vulnerable device model from the guest [1].

Impact

Successful exploitation allows a guest operating system to crash the bhyve process or execute arbitrary code on the host as root. This results in a complete compromise of host confidentiality, integrity, and availability [1].

Mitigation

The vulnerability is corrected in FreeBSD 11.2-STABLE(r341486) and 11.2-RELEASE-p6, released 2018-12-04 [1]. As a workaround, guests that can be booted with bhyveload(8) or grub2-bhyve are not affected. For guests requiring a firmware image, such as Windows, no workaround is available; the fix must be applied [1].

References
  1. https://security.freebsd.org/advisories/FreeBSD-SA-18:14.bhyve.asc

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • FreeBSD/bhyvellm-fuzzy
    Range: < 11.2-STABLE(r341486) and < 11.2-RELEASE-p6
  • FreeBSD/FreeBSDv5
    Range: FreeBSD 11.2 before 11.2-RELEASE-p6

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.