2021-08

FreeBSD-SA-21:13.bhyve : Missing error handling in bhyve(8) device models

Versions Affected : All versions prior to TrueNAS 12.0-U6

Description

Certain VirtIO-based device models failed to handle errors when fetching I/O descriptors.

2021-08-24

FreeBSD-EN-21:25.bhyve : Fix NVMe iovec construction for large IOs

Versions Affected : All versions prior to TrueNAS 12.0-U6

Description

When a RHEL 8.4 and later (or variants) are installed as guests within bhyve(8) on emulated NVMe storage, the system will not boot due to a newer UEFI driver that is included with these distributions.

2021-08-24

2020-09

FreeBSD-EN-20:29.bhyve_svm : bhyve SVM guest escape

Versions Affected : All verisons prior to FreeNAS 11.3-U5

Description

A number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped.

2020-09-15

FreeBSD-EN-20:28.bhyve_vmcs : bhyve privilege escalation

Versions Affected : All verisons prior to FreeNAS 11.3-U5

Description

Insufficient access controls (VMCS) allow root users, including those running in a jail, to change these data structures.

2020-09-15