bhyve, as used in FreeBSD up to and including 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd |
||
freebsd freebsd 11.3 |
||
freebsd freebsd 11.4 |
||
freebsd freebsd 12.0 |
||
freebsd freebsd 12.1 |
||
omniosce omnios |
||
openindiana openindiana |
||
netapp clustered data ontap - |