Date: Wed, 2 Oct 2024 14:12:43 -0400 From: Ed Maste <emaste@freebsd.org> To: Cy Schubert <Cy.Schubert@cschubert.com> Cc: =?UTF-8?Q?Bojan_Novkovi=C4=87?= <bnovkov@freebsd.org>, src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: 51fda658baa3 - main - vmm: Properly handle writes spanning across two pages in vm_handle_db Message-ID: <CAPyFy2D%2B7RAvwVajrrhbO75nS-_zgsDG1KkxSBfbG47-=3xanA@mail.gmail.com> In-Reply-To: <20241002165318.AA05628D@slippy.cwsent.com> References: <202410021645.492Gj4Sb035939@gitrepo.freebsd.org> <20241002165318.AA05628D@slippy.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2 Oct 2024 at 12:53, Cy Schubert <Cy.Schubert@cschubert.com> wrote: > > > vmm: Properly handle writes spanning across two pages in vm_handle_db > > > > ... > > Security: HYP-09 > > Where can we find this vulnerability documented? With support from the Alpha-Omega project the FreeBSD Foundation commissioned Synacktiv to perform a code audit of two FreeBSD subsystems: bhyve (kernel vmm and userspace device models), and kernel code reachable from within a Capsicum sandbox. These HYP-* and CAP-* tags reference vulnerabilities in the Synacktiv report. Recent SAs (SA-24:09.libnv, SA-24:10.bhyve, SA-24:11.ctl, SA-24:12.bhyve, SA-24:14.umtx, SA-24:15.bhyve) are fixes for issues identified as "critical" or "high" severity. Remaining issues are "medium" or lower severity. The report will be made public after the appropriate issues have been addressed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2D%2B7RAvwVajrrhbO75nS-_zgsDG1KkxSBfbG47-=3xanA>