vulnerability

FreeBSD: VID-8caa5d60-a174-11ef-9a62-002590c1f29c (CVE-2024-39281): FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Nov 13, 2024	Nov 14, 2024	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Nov 13, 2024

Added

Nov 14, 2024

Modified

Dec 10, 2025

Description

Problem Description: The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator. Impact: A malicious guest could cause a Denial of Service (DoS) on the host.

Solutions

freebsd-upgrade-base-14_1-release-p6freebsd-upgrade-base-13_4-release-p2freebsd-upgrade-base-13_3-release-p8

References

CVE-2024-39281
https://attackerkb.com/topics/CVE-2024-39281
CWE-20

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today