Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via a crafted PCI configuration space access. Given it's a heap overflow in a privileged hypervisor context, exploitation may enable arbitrary code execution or guest-to-host privilege escalation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BitVisor 安全漏洞
Vulnerability Description
BitVisor是BitVisor开源的一个虚拟机监控程序。 BitVisor 108df6版本至480907版本存在安全漏洞,该漏洞源于VirtIO网络设备模拟中存在越界写入,可能导致拒绝服务攻击,在特权管理程序环境中还可能执行任意代码或导致客户机到主机权限提升。
CVSS Information
N/A
Vulnerability Type
N/A