An uncovered vulnerability in the LibNV library by the FreeBSD project has raised concerns regarding system security. The vulnerability, discovered to be a logical error, was not properly eliminated, leaving systems susceptible to attacks. The LibNV library, utilized in the nucleus and base system applications for list processing in key/value format, is unique to FreeBSD and does not impact OpenZFS.
The vulnerability stems from a buffer overflow, allowing for the allocation of a buffer larger than the data block size recorded within it. This mistake could potentially be exploited to elevate privileges by modifying memory areas in the kernel and system processes, particularly in instances where LibNV is integrated, such as in Libcasper for interactions between privileged and non-privileged code. The necessary fix for this vulnerability (CVE-2024-45287) has been included in updates 14.1-Release-P5, 14.0-Release-P11, 13.4-Release-P1, and 13.3-Release-P7, as well as in a related patch.
Furthermore, FreeBSD has also addressed a vulnerability (CVE-2024-41721) in the Bhyve hypervisor, which could potentially allow an attacker to execute code on the host system, usually with root privileges, while operating within a guest system. This vulnerability within the XHCI controller code in Bhyve stemmed from inadequate buffer boundary checks, enabling unauthorized access to memory regions outside the buffer and potentially allowing malicious memory writes within the process. The fix for this vulnerability is included in FreeBSD updates 14.1-Release-P5, 14.0-Release-P11, 13.4-Release-P1, and 13.3-Release-P7.
Lastly, a worker at Google’s security research team recently published a prototype exploit and operational details for a vulnerability discovered in the Linux kernel (CVE-2024-26808). This issue has been resolved in recent updates from the Linux kernel, including versions 5.10.210, 5.15.149, 6.1.76, 6.6.15, 6.7.3, and 6.8, and has been rectified in major distributions such as Debian, Ubuntu, RHEL, and SUSE.