Buffer Over-Read Vulnerability in FreeBSD NVMe Driver

CVE-2024-51562

What is CVE-2024-51562?

The NVMe driver in FreeBSD is susceptible to a buffer over-read issue due to mishandling of input from guest-controlled values in the nvme_opc_get_log_page function. This vulnerability could allow attackers to read unintended memory areas, potentially exposing sensitive data and compromising system integrity. It is crucial for users and administrators to apply appropriate mitigations to safeguard their systems against exploitation.

References