FreeBSD : FreeBSD -- bhyve SVM guest escape (e73c688b-f7e6-11ea-88f8-901b0ef719ab)

High Nessus Plugin ID 140630

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped.

Impact: From kernel mode, a malicious guest can write to arbitrary host memory (with some constraints), affording the guest full control of the host.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?f9e6c9f8

Plugin Details

Severity: High

ID: 140630

File Name: freebsd_pkg_e73c688bf7e611ea88f8901b0ef719ab.nasl

Version: 1.1

Type: local

Published: 2020/09/17

Updated: 2020/09/17

Dependencies: 12634

Configuration: Enable paranoid mode

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:FreeBSD, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Patch Publication Date: 2020/09/16

Vulnerability Publication Date: 2020/09/15

Reference Information

CVE: CVE-2020-7467

FreeBSD: SA-20:29.bhyve_svm