USB Code Vulnerability Allows Malicious Code Execution
CVE-2024-32668

8.2 HIGH

Key Information:

Vendor: FreeBSD

Status
Vendor
CVE Published: 5 September 2024

What is CVE-2024-32668?

Insufficient boundary validation in the USB handling code of the FreeBSD bhyve hypervisor can lead to an out-of-bounds write on the heap that an attacker can manipulate. Malicious, privileged software running inside a guest virtual machine (VM) can exploit this vulnerability to achieve code execution in the bhyve userspace process on the host. That process typically runs as root, which increases the risk associated with such an exploit. Note that bhyve runs in a Capsicum sandbox, so malicious code is limited to the capabilities available to the bhyve process, which adds a layer of complexity to the exploitation scenario.

Affected Version(s)

FreeBSD 14.1-RELEASE

FreeBSD 14.0-RELEASE

FreeBSD 13.3-RELEASE

CVSS V3.1

Score: 8.2
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Synacktiv
The FreeBSD Foundation
The Alpha-Omega Project