Unrated severityNVD Advisory· Published Sep 25, 2020· Updated Aug 4, 2024
CVE-2020-24718
CVE-2020-24718
Description
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- FreeBSD/bhyvedescription
Patches
Vulnerability mechanics
References
3- github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.cmitrex_refsource_MISC
- security.freebsd.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.ascmitrex_refsource_CONFIRM
- security.netapp.com/advisory/ntap-20201016-0002/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.