VYPR

grub2-bhyve

by FreeBSD

CVEs (2)

  • CVE-2020-10565Mar 14, 2020
    risk 0.00cvss epss 0.00

    grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the…

  • CVE-2020-10566Mar 14, 2020
    risk 0.00cvss epss 0.00

    grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow.