MNBSD-2020-9: Insufficient access controls on bhyve VMCS/VMCB structures

Severity: Unknown

Affected Package: kernel

Summary: Insufficient access controls on bhyve VMCS/VMCB structures

Description

AMD and Intel CPUs support hardware virtualization using specialized control structures (the Virtual Machine Control Structure on Intel and the Virtual Machine Control Block on AMD). Insufficient access controls allowed root users, including those running in a jail, to modify these data structures, enabling kernel code execution and escape from the guest or jail.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2020-24718

Published: September 15, 2020
Last Modified: September 15, 2020