Описание
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
EPSS
Процентиль: 14%
0.00046
Низкий
8.4 High
CVSS3
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 8.4
github
больше 1 года назад
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
EPSS
Процентиль: 14%
0.00046
Низкий
8.4 High
CVSS3
Дефекты
CWE-125