Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-25940

`bhyveload -h <host-path>` may be used to grant loader access to the <host-path> directory tree on the host. Affected versions of bhyveload(8) do not make any attempt to restrict loader's access to <host-path>, allowing the loader to read any file the host user has access to. In the bhyveload(8) model, the host supplies a userboot.so to boot with, but the loader scripts generally come from the guest image. A maliciously crafted script could be used to exfiltrate sensitive data from the host accessible to the user running bhyhveload(8), which is often the system root.

Published

2024-02-15T05:15:11.100

Last Modified

2025-06-04T21:24:01.180

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-922
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System freebsd freebsd < 13.2 Yes
Operating System freebsd freebsd < 14.0 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 13.2 Yes
Operating System freebsd freebsd 14.0 Yes
Operating System freebsd freebsd 14.0 Yes
Operating System freebsd freebsd 14.0 Yes
Operating System freebsd freebsd 14.0 Yes
Operating System freebsd freebsd 14.0 Yes
Operating System freebsd freebsd 14.0 Yes
Operating System freebsd freebsd 14.0 Yes
References