What is the severity of CVE-2019-5604?

The severity of CVE-2019-5604 is critical with a CVSS score of 9.6.

What is the affected software for CVE-2019-5604?

The affected software for CVE-2019-5604 includes FreeBSD 11.0 and 11.2 to 12.0.

How can I fix CVE-2019-5604?

To fix CVE-2019-5604, you should apply the necessary security patches provided by FreeBSD.

Where can I find more information about CVE-2019-5604?

You can find more information about CVE-2019-5604 in the FreeBSD Security Advisory FreeBSD-SA-19:16.bhyve.

What is the vulnerability CWE of CVE-2019-5604?

The vulnerability CWE of CVE-2019-5604 is CWE-125 (Out-of-bounds Read).

Vulnerability/
CVE-2019-5604

critical

9.6

CWE

125

26/7/2019

4/8/2024

CVE-2019-5604

First published: Fri Jul 26 2019(Updated: )

In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest, allowing an out-of-bounds read. This provides a malicious guest the possibility to crash the system or access system memory.

Credit: secteam@freebsd.org

Affected Software	Affected Version	How to fix
FreeBSD FreeBSD	=11.0
FreeBSD FreeBSD	=11.2
FreeBSD FreeBSD	=11.2-p10
FreeBSD FreeBSD	=11.2-p11
FreeBSD FreeBSD	=11.2-p2
FreeBSD FreeBSD	=11.2-p3
FreeBSD FreeBSD	=11.2-p4
FreeBSD FreeBSD	=11.2-p5
FreeBSD FreeBSD	=11.2-p6
FreeBSD FreeBSD	=11.2-p7
FreeBSD FreeBSD	=11.2-p8
FreeBSD FreeBSD	=11.2-p9
FreeBSD FreeBSD	=11.2-rc3
FreeBSD FreeBSD	=11.3
FreeBSD FreeBSD	=12.0
FreeBSD FreeBSD	=12.0-p1
FreeBSD FreeBSD	=12.0-p2
FreeBSD FreeBSD	=12.0-p3
FreeBSD FreeBSD	=12.0-p4
FreeBSD FreeBSD	=12.0-p5
FreeBSD FreeBSD	=12.0-p6
FreeBSD FreeBSD	=12.0-p7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-5604?
The severity of CVE-2019-5604 is critical with a CVSS score of 9.6.
What is the affected software for CVE-2019-5604?
The affected software for CVE-2019-5604 includes FreeBSD 11.0 and 11.2 to 12.0.
How can I fix CVE-2019-5604?
To fix CVE-2019-5604, you should apply the necessary security patches provided by FreeBSD.
Where can I find more information about CVE-2019-5604?
You can find more information about CVE-2019-5604 in the FreeBSD Security Advisory FreeBSD-SA-19:16.bhyve.
What is the vulnerability CWE of CVE-2019-5604?
The vulnerability CWE of CVE-2019-5604 is CWE-125 (Out-of-bounds Read).

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/severity
agent/weakness
agent/references
agent/softwarecombine
agent/tags
agent/event
agent/description
agent/first-publish-date
vendor/freebsd
canonical/freebsd freebsd
version/freebsd freebsd/11.0
version/freebsd freebsd/11.2
version/freebsd freebsd/11.2-p10
version/freebsd freebsd/11.2-p11
version/freebsd freebsd/11.2-p2
version/freebsd freebsd/11.2-p3
version/freebsd freebsd/11.2-p4
version/freebsd freebsd/11.2-p5
version/freebsd freebsd/11.2-p6
version/freebsd freebsd/11.2-p7
version/freebsd freebsd/11.2-p8
version/freebsd freebsd/11.2-p9
version/freebsd freebsd/11.2-rc3
version/freebsd freebsd/11.3
version/freebsd freebsd/12.0
version/freebsd freebsd/12.0-p1
version/freebsd freebsd/12.0-p2
version/freebsd freebsd/12.0-p3
version/freebsd freebsd/12.0-p4
version/freebsd freebsd/12.0-p5
version/freebsd freebsd/12.0-p6
version/freebsd freebsd/12.0-p7