vulnerability
FreeBSD: VID-2c5b9cd7-f7e6-11ea-88f8-901b0ef719ab (CVE-2020-24718): FreeBSD -- bhyve privilege escalation via VMCS access
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Sep 16, 2020 | Sep 17, 2020 | Dec 10, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Sep 16, 2020
Added
Sep 17, 2020
Modified
Dec 10, 2025
Description
Problem Description: AMD and Intel CPUs support hardware virtualization using specialized data structures that control various aspects of guest operation. These are the Virtual Machine Control Structure (VMCS) on Intel CPUs, and the Virtual Machine Control Block (VMCB) on AMD CPUs. Insufficient access controls allow root users, including those running in a jail, to change these data structures. Impact: An attacker with host root access (including to a jailed bhyve instance) can use this vulnerability to achieve kernel code execution.
Solutions
freebsd-upgrade-base-12_1-release-p10freebsd-upgrade-base-11_4-release-p4freebsd-upgrade-base-11_3-release-p14
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.