HomeFreeBSD
Diffusion FreeBSD src repository 2abd2ad64899

bhyve: improve input validation in pci_xhci
2abd2ad64899
Actions

Description

bhyve: improve input validation in pci_xhci

Several functions did not validate the slot index resulting in OOB read
on the heap of the slot device structure which could lead to arbitrary
reads/writes and potentially code execution.

Reported by: Synacktiv
Reviewed by: markj (earlier), jhb
Security: CVE-2024-41721
Security: HYP-02
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45996

(cherry picked from commit e72d86ad9c62c8054d7977a71f08e68ef755c132)
(cherry picked from commit 419da61f8203ac475550ae4b0971dbef10f811f2)

Details

Provenance
khorben_defora.orgAuthored on Jul 17 2024, 3:04 PM
emasteCommitted on Sep 19 2024, 12:40 PM
Reviewer
markj
Differential Revision
Restricted Differential Revision
Parents
rGebb3a73d0669: pf: fix debug printf
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
usr.sbin/
bhyve/

rG2abd2ad64899

View Options

usr.sbin/bhyve/pci_xhci.c

Loading...