CVE-2024-41721 – Critical vulnerability affecting FreeBSD’s bhyve hypervisor (24-09-2024)

Preface: Today, FreeBSD is used by many IT companies such as IBM, Nokia, Juniper Networks, and NetApp to build their products.

Background: bhyve, pronounced “beehive”, is a hypervisor/virtual machine manager for FreeBSD. It supports a wide range of guest operating systems on Intel and AMD processors that support the “POPCNT” (POPulation Count) feature and, experimentally, on ARM64/aarch64 processors that support the gic0: <ARM Generic Interrupt Controller v3.0> feature (visible in dmesg(8)).

bhyve supports multiple storage and networking back-ends, UEFI, FreeBSD loader, and GRUB booting, PCI Pass-Through (PPT), integrated VNC and 9pfs servers, and many more features.

As of 14.0-RELEASE, bhyve supports TPM passthrough and TPM emulation.

Vulnerability details: Insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution.

Official announcement: Please refer to the vendor announcement for details – https://www.tenable.com/cve/CVE-2024-41721
