CVSS base score: 8.1
CVE-2024-41721
- EPSS 4.36%
- Published 20.09.2024 08:15:11
- Last modified 15.04.2026 00:35:42
- Source secteam@freebsd.org
bhyve(8) out-of-bounds read access via XHCI emulation
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution.
Data provided by the CVE Program from Authorized Data Publishers (ADP) (unstructured)
Vendor: freebsd
Product: freebsd
Default status: unknown

| Version | Version < | Status |
|---|---|---|
| 14.1 | 14.1_p5 | affected |
| 14.0 | 14.0_p11 | affected |
| 13.4 | 13.4_p1 | affected |
| 13.3 | 13.3_p7 | affected |
VulnDex Vulnerability Enrichment
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.36% | 0.887 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | 2.2 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.