vulnerability
FreeBSD: VID-2c5b9cd7-f7e6-11ea-88f8-901b0ef719ab (CVE-2020-24718): FreeBSD -- bhyve privilege escalation via VMCS access
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Sep 16, 2020 | Sep 17, 2020 | Mar 25, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Sep 16, 2020
Added
Sep 17, 2020
Modified
Mar 25, 2026
Description
Problem Description: AMD and Intel CPUs support hardware virtualization using specialized data structures that control various aspects of guest operation. These are the Virtual Machine Control Structure (VMCS) on Intel CPUs, and the Virtual Machine Control Block (VMCB) on AMD CPUs. Insufficient access controls allow root users, including those running in a jail, to change these data structures. Impact: An attacker with host root access (including to a jailed bhyve instance) can use this vulnerability to achieve kernel code execution.
Solutions
freebsd-upgrade-base-12_1-release-p10freebsd-upgrade-base-11_4-release-p4freebsd-upgrade-base-11_3-release-p14
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.