Category: FreeBSD
- FreeBSD security vulnerability (CVE-2024-41721)
CVE-2024-41721 is a vulnerability in FreeBSD’s USB subsystem, specifically in the XHCI (eXtensible Host Controller Interface) emulation in the bhyve hypervisor. The flaw arises from insufficient boundary validation, leading to an out-of-bounds read on the heap. This vulnerability can potentially allow an attacker to perform arbitrary writes and achieve remote code execution. Affected versions…
- FreeBSD security vulnerability (CVE-2024-43102)
CVE-2024-43102 is a critical vulnerability affecting FreeBSD, specifically related to the improper handling of anonymous shared memory mappings in the kernel. This vulnerability is tied to the UMTX_SHM_DESTROY operation within the UMTX_OP_SHM API. If exploited, it can lead to a premature freeing of memory, which may result in a kernel panic or enable further “use-after-free”…