CVE-2020-24718 : Security Advisory and Response

A vulnerability in bhyve, as used in FreeBSD and illumos, allows a root user in a container on an Intel system to gain privileges by modifying VMCS_HOST_RIP.

Understanding CVE-2020-24718

This CVE identifies a security flaw in the bhyve virtualization software used in FreeBSD and illumos systems.

What is CVE-2020-24718?

CVE-2020-24718 is a vulnerability in bhyve that enables a root user within a container on an Intel system to escalate privileges by altering VMCS_HOST_RIP.

The Impact of CVE-2020-24718

The vulnerability could be exploited by a malicious actor to gain elevated privileges on affected systems, potentially leading to unauthorized access and control.

Technical Details of CVE-2020-24718

This section delves into the technical aspects of the CVE.

Vulnerability Description

The issue arises from bhyve's inadequate restriction of VMCS and VMCB read/write operations, allowing unauthorized privilege escalation.

Affected Systems and Versions

FreeBSD through version 12.1
illumos systems, including OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04

Exploitation Mechanism

A root user within a container on an Intel system can exploit the vulnerability by manipulating VMCS_HOST_RIP.

Mitigation and Prevention

Protecting systems from CVE-2020-24718 requires immediate actions and long-term security measures.

Immediate Steps to Take

Apply patches and updates provided by FreeBSD and illumos to address the vulnerability.
Monitor system activity for any signs of unauthorized privilege escalation.

Long-Term Security Practices

Implement the principle of least privilege to restrict user access and capabilities.
Regularly audit and review virtualization configurations to ensure security best practices are followed.

Patching and Updates

Stay informed about security advisories from FreeBSD and illumos for any further updates or patches to mitigate the vulnerability.