FreeBSD: VID-eb5c615d-a173-11ef-9a62-002590c1f29c (CVE-2024-51564): FreeBSD -- Multiple issues in the bhyve hypervisor
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Nov 13, 2024 | Nov 14, 2024 | Dec 10, 2025 |
Description
Problem Description: Several vulnerabilities were found in the bhyve hypervisor's device models.

The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value. (CVE-2024-51562)

The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition. (CVE-2024-51563)

A guest can trigger an infinite loop in the hda audio driver. (CVE-2024-51564)

The hda driver is vulnerable to a buffer over-read from a guest-controlled value. (CVE-2024-51565)

The NVMe driver queue processing is vulnerable to guest-induced infinite loops. (CVE-2024-51566)

Impact: Malicious guest virtual machines may be able to perform a denial of service (DoS) of the bhyve host, and may read memory within the bhyve process that they should not be able to access.
Solutions
freebsd-upgrade-base-14_1-release-p6

freebsd-upgrade-base-13_4-release-p2

freebsd-upgrade-base-13_3-release-p8