Buffer Over-Read Vulnerability in FreeBSD hda Driver
CVE-2024-51565

6.5MEDIUM

Key Information:

Vendor: FreeBSD
Status: FreeBSD
Vendor: CVE Published:; 12 November 2024

What is CVE-2024-51565?

The hda driver in FreeBSD is susceptible to a buffer over-read vulnerability that can be exploited through guest-controlled input, leading to potential unauthorized access to sensitive information. Attackers leveraging this flaw may impact system integrity and confidentiality. Proper security measures and updates are essential to mitigate risks associated with this vulnerability.

Affected Version(s)

FreeBSD 14.1-RELEASE

FreeBSD 13.4-RELEASE

FreeBSD 13.3-RELEASE

References

https://security.freebsd.org/advisories/FreeBSD-SA-24:17....

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2024

JSON