vulnerability
FreeBSD: VID-1febd09b-7716-11ef-9a62-002590c1f29c (CVE-2024-41721): FreeBSD -- bhyve(8) out-of-bounds read access via XHCI emulation
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Sep 20, 2024 | Sep 22, 2024 | Dec 10, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Sep 20, 2024
Added
Sep 22, 2024
Modified
Dec 10, 2025
Description
Problem Description: bhyve can be configured to emulate devices on a virtual USB controller (XHCI), such as USB tablet devices. An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution. Impact: A malicious, privileged software running in a guest VM can exploit the vulnerability to crash the hypervisor process or potentially achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
Solutions
freebsd-upgrade-base-14_1-release-p5freebsd-upgrade-base-14_0-release-p11freebsd-upgrade-base-13_4-release-p1freebsd-upgrade-base-13_3-release-p7
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.