Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-51565
PUBLISHED
More InfoOfficial Page
Assigner-freebsd
Assigner Org ID-63664ac6-956c-4cba-a5d0-f46076e16109
View Known Exploited Vulnerability (KEV) details
Published At-12 Nov, 2024 | 14:53
Updated At-03 Nov, 2025 | 20:45
Rejected At-
▼CVE Numbering Authority (CNA)
bhyve(8) hda driver buffer over-read

The hda driver is vulnerable to a buffer over-read from a guest-controlled value.

Affected Products
Vendor
FreeBSD FoundationFreeBSD
Product
FreeBSD
Modules
  • bhyve
Default Status
unknown
Versions
Affected
  • From 14.1-RELEASE before p6 (release)
  • From 13.4-RELEASE before p2 (release)
  • From 13.3-RELEASE before p8 (release)
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Synacktiv
sponsor
The FreeBSD Foundation
sponsor
The Alpha-Omega Project
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc
vendor-advisory
Hyperlink: https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
FreeBSD Foundationfreebsd
Product
freebsd
CPEs
  • cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before * (custom)
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.netapp.com/advisory/ntap-20250207-0008/
N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20250207-0008/
Resource: N/A
Details not found