Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing bounds check in 9p message handling
Vulnerability Description
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve guest kernel to overwrite memory in the bhyve(8) process. This could potentially lead to user-mode code execution on the host, subject to bhyve's Capsicum sandbox.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeBSD 安全漏洞
Vulnerability Description
FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD存在安全漏洞。攻击者利用该漏洞通过9p消息处理触发FreeBSD的缓冲区溢出,以触发拒绝服务,并可能在主机系统上运行代码。
CVSS Information
N/A
Vulnerability Type
N/A