ID |
CVE-2024-41928
|
Summary |
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | None |
Impact: | |
Exploitability: | |
|
Access |
Vector | Complexity | Authentication |
|
|
|
|
Impact |
Confidentiality | Integrity | Availability |
|
|
|
|
Last major update |
06-09-2024 - 17:35 |
Published |
05-09-2024 - 04:15 |
Last modified |
06-09-2024 - 17:35 |