Severity: Unknown
Affected Package: bhyve
Summary: bhyve e1000 out-of-bounds write via unvalidated checksum offset
The e1000 network device model in bhyve used a guest-provided value as the checksum offset into an on-stack buffer when checksum offload was requested for a transmitted packet, without validating it for certain packet types. A malicious guest could write out of bounds in the host bhyve process, possibly leading to code execution in the host context.
No specific recommendations provided.
Aliases: CVE-2022-23087
Published: April 06, 2022
Last Modified: April 06, 2022
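The missing validation described in the summary, shown as an added C example that is not bhyve's code: a guest-supplied checksum offset is checked against the bytes actually held in the on-stack buffer before the 16-bit result is stored. The struct, function names, buffer size and packet bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HDR_BUF_LEN 256   /* assumed size of the on-stack packet buffer */

/* Hypothetical offload request; both fields are guest-controlled. */
struct cksum_req {
    uint16_t start;   /* first byte covered by the checksum */
    uint16_t offset;  /* where the 16-bit result is stored */
};

/* Internet checksum (RFC 1071) over buf[0..len). */
static uint16_t inet_cksum(const uint8_t *buf, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)buf[i] << 8) | buf[i + 1];
    if (len & 1)
        sum += (uint32_t)buf[len - 1] << 8;
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Store the checksum only if the 2-byte field and the start of the covered
 * range both lie inside buf[0..len). Returns 0 on success, -1 on rejection.
 * Writing buf[rq->offset] without this test is the out-of-bounds write. */
int store_cksum_checked(uint8_t *buf, size_t len, const struct cksum_req *rq)
{
    if (len < 2 || rq->offset > len - 2 || rq->start >= len)
        return -1;
    uint16_t ck = inet_cksum(buf + rq->start, len - rq->start);
    buf[rq->offset] = (uint8_t)(ck >> 8);
    buf[rq->offset + 1] = (uint8_t)ck;
    return 0;
}

/* Run one constructed packet through the checked store from a stack buffer. */
int demo_transmit(uint16_t start, uint16_t offset, size_t pkt_len)
{
    uint8_t hdr[HDR_BUF_LEN];
    struct cksum_req rq = { start, offset };
    if (pkt_len > sizeof(hdr))
        return -1;
    memset(hdr, 0x11, pkt_len);   /* constructed packet bytes */
    return store_cksum_checked(hdr, pkt_len, &rq);
}
```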