Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-51563
PUBLISHED
More InfoOfficial Page
Assigner-freebsd
Assigner Org ID-63664ac6-956c-4cba-a5d0-f46076e16109
View Known Exploited Vulnerability (KEV) details
Published At-12 Nov, 2024 | 14:47
Updated At-03 Nov, 2025 | 20:45
Rejected At-
▼CVE Numbering Authority (CNA)
bhyve(8) virtio_vq_recordon time-of-check to time-of-use race

The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition.

Affected Products
Vendor
FreeBSD FoundationFreeBSD
Product
FreeBSD
Modules
  • bhyve
Default Status
unknown
Versions
Affected
  • From 14.1-RELEASE before p6 (release)
  • From 13.4-RELEASE before p2 (release)
  • From 13.3-RELEASE before p8 (release)
Problem Types
TypeCWE IDDescription
CWECWE-367CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
Type: CWE
CWE ID: CWE-367
Description: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Synacktiv
sponsor
The FreeBSD Foundation
sponsor
The Alpha-Omega Project
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc
vendor-advisory
Hyperlink: https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
FreeBSD Foundationfreebsd
Product
freebsd
CPEs
  • cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before * (custom)
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.netapp.com/advisory/ntap-20250207-0008/
N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20250207-0008/
Resource: N/A
Details not found