NVMe Driver Queue Processing Vulnerability in FreeBSD
CVE-2024-51566

6.5MEDIUM

Key Information:

Vendor: FreeBSD
Status: FreeBSD
Vendor: CVE Published:; 12 November 2024

What is CVE-2024-51566?

The NVMe driver queue processing in FreeBSD is susceptible to vulnerabilities that could be exploited to induce infinite loops through guest interactions. This issue compromises the efficiency and reliability of virtualized environments using FreeBSD, impacting system performance and stability. Adhering to security best practices and applying patches as they become available is critical for maintaining system integrity.

Affected Version(s)

FreeBSD 14.1-RELEASE

FreeBSD 13.4-RELEASE

FreeBSD 13.3-RELEASE

References

https://security.freebsd.org/advisories/FreeBSD-SA-24:17....

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2024

JSON