Re: git: 51fda658baa3 - main - vmm: Properly handle writes spanning across two pages in vm_handle_db

In reply to: Cy Schubert : "Re: git: 51fda658baa3 - main - vmm: Properly handle writes spanning across two pages in vm_handle_db"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Ed Maste <emaste_at_freebsd.org>
Date: Wed, 02 Oct 2024 18:12:43 UTC

On Wed, 2 Oct 2024 at 12:53, Cy Schubert <Cy.Schubert@cschubert.com> wrote:
>
> >     vmm: Properly handle writes spanning across two pages in vm_handle_db
> >
> > ...
> >     Security:       HYP-09
>
> Where can we find this vulnerability documented?

With support from the Alpha-Omega project the FreeBSD Foundation
commissioned Synacktiv to perform a code audit of two FreeBSD
subsystems: bhyve (kernel vmm and userspace device models), and kernel
code reachable from within a Capsicum sandbox. These HYP-* and CAP-*
tags reference vulnerabilities in the Synacktiv report.

Recent SAs (SA-24:09.libnv, SA-24:10.bhyve, SA-24:11.ctl,
SA-24:12.bhyve, SA-24:14.umtx, SA-24:15.bhyve) are fixes for issues
identified as "critical" or "high" severity. Remaining issues are
"medium" or lower severity. The report will be made public after the
appropriate issues have been addressed.