HomeFreeBSD
Diffusion FreeBSD src repository e7a790dc3ffe

bhyve: improve input validation in pci_xhci
e7a790dc3ffe
Actions

Description

bhyve: improve input validation in pci_xhci

Several functions did not validate the slot index resulting in OOB read
on the heap of the slot device structure which could lead to arbitrary
reads/writes and potentially code execution.

Reported by: Synacktiv
Reviewed by: markj (earlier), jhb
Approved by: so
Security: FreeBSD-SA-24:15.bhyve
Security: CVE-2024-41721
Security: HYP-02
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45996

(cherry picked from commit e72d86ad9c62c8054d7977a71f08e68ef755c132)
(cherry picked from commit 419da61f8203ac475550ae4b0971dbef10f811f2)
(cherry picked from commit 2abd2ad648994e8444f479e54773a36311f522e5)

Details

Provenance
khorben_defora.orgAuthored on Jul 17 2024, 3:04 PM
gordonCommitted on Sep 19 2024, 1:09 PM
Reviewer
markj
Differential Revision
Restricted Differential Revision
Parents
rGea9257bcd0e1: pf: rework pf_icmp_state_lookup() failure mode
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
usr.sbin/
bhyve/

rGe7a790dc3ffe

View Options

usr.sbin/bhyve/pci_xhci.c

Loading...