State Issues in FreeBSD - CVE-2023-3494

 

State Issues in FreeBSD - CVE-2023-3494

Published: August 2, 2023


Vulnerability identifier: #VU78875
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-3494
CWE-ID: CWE-371
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: FreeBSD Foundation
Affected software:
FreeBSD

Detailed vulnerability description

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to an error in the state machine implementation within the bhyve fwctl driver, which is executed when a bhyve guest accesses certain x86 I/O ports. A malicious, privileged software running in a guest VM can exploit the state issue to trigger buffer overflow and achieve code execution on the host in the bhyve userspace process.


How to mitigate CVE-2023-3494

Install updates from vendor's website.

Sources