CVE-2024-41721

CVE-2024-41721: bhyve(8) out-of-bounds read access via XHCI emulation

Vendor Freebsd
Product FreeBSD
Weakness CWE-125
Published September 20, 2024
Last update September 26, 2024

CVSS base score

What the vulnerability does

01Description

An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution.

Key dates

02Disclosure timeline

September 20, 2024 CVE published
September 26, 2024 Record updated