ARTICLE AD BOX
Published : Sept. 5, 2024, 5:15 a.m. | 24 minutes ago
Description : An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
English (US) ·