What is CVE-2020-7467?

CVE-2020-7467 is a vulnerability in FreeBSD that allows guest operating systems to access and modify host physical memory.

What is the severity of CVE-2020-7467?

The severity of CVE-2020-7467 is high, with a CVSS score of 7.6.

Which versions of FreeBSD are affected by CVE-2020-7467?

The vulnerability affects FreeBSD 11.3, 11.4, 12.1, and 12.2.

How can I fix CVE-2020-7467?

To fix CVE-2020-7467, it is recommended to upgrade to the latest patched version of FreeBSD.

Where can I find more information about CVE-2020-7467?

You can find more information about CVE-2020-7467 on the FreeBSD Security Advisories website.

Vulnerability/
CVE-2020-7467

high

7.6

CWE

269

26/3/2021

1/4/2021

CVE-2020-7467

First published: Fri Mar 26 2021(Updated: )

In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped.

Credit: secteam@freebsd.org

Affected Software	Affected Version	How to fix
FreeBSD FreeBSD	=11.3
FreeBSD FreeBSD	=11.3-p1
FreeBSD FreeBSD	=11.3-p10
FreeBSD FreeBSD	=11.3-p11
FreeBSD FreeBSD	=11.3-p12
FreeBSD FreeBSD	=11.3-p13
FreeBSD FreeBSD	=11.3-p2
FreeBSD FreeBSD	=11.3-p3
FreeBSD FreeBSD	=11.3-p4
FreeBSD FreeBSD	=11.3-p5
FreeBSD FreeBSD	=11.3-p6
FreeBSD FreeBSD	=11.3-p7
FreeBSD FreeBSD	=11.3-p8
FreeBSD FreeBSD	=11.3-p9
FreeBSD FreeBSD	=11.4
FreeBSD FreeBSD	=11.4-p1
FreeBSD FreeBSD	=11.4-p2
FreeBSD FreeBSD	=11.4-p3
FreeBSD FreeBSD	=12.1
FreeBSD FreeBSD	=12.1-p1
FreeBSD FreeBSD	=12.1-p2
FreeBSD FreeBSD	=12.1-p3
FreeBSD FreeBSD	=12.1-p4
FreeBSD FreeBSD	=12.1-p5
FreeBSD FreeBSD	=12.1-p6
FreeBSD FreeBSD	=12.1-p7
FreeBSD FreeBSD	=12.1-p8
FreeBSD FreeBSD	=12.1-p9
FreeBSD FreeBSD	=12.2

Never miss a vulnerability like this again

Reference Links

https://security.FreeBSD.org/advisories/FreeBSD-SA-20:29.bhyve_svm.asc

Frequently Asked Questions

What is CVE-2020-7467?
CVE-2020-7467 is a vulnerability in FreeBSD that allows guest operating systems to access and modify host physical memory.
What is the severity of CVE-2020-7467?
The severity of CVE-2020-7467 is high, with a CVSS score of 7.6.
Which versions of FreeBSD are affected by CVE-2020-7467?
The vulnerability affects FreeBSD 11.3, 11.4, 12.1, and 12.2.
How can I fix CVE-2020-7467?
To fix CVE-2020-7467, it is recommended to upgrade to the latest patched version of FreeBSD.
Where can I find more information about CVE-2020-7467?
You can find more information about CVE-2020-7467 on the FreeBSD Security Advisories website.

collector/nvd-index
vendor/freebsd
canonical/freebsd freebsd
version/freebsd freebsd/11.3
version/freebsd freebsd/11.3-p1
version/freebsd freebsd/11.3-p10
version/freebsd freebsd/11.3-p11
version/freebsd freebsd/11.3-p12
version/freebsd freebsd/11.3-p13
version/freebsd freebsd/11.3-p2
version/freebsd freebsd/11.3-p3
version/freebsd freebsd/11.3-p4
version/freebsd freebsd/11.3-p5
version/freebsd freebsd/11.3-p6
version/freebsd freebsd/11.3-p7
version/freebsd freebsd/11.3-p8
version/freebsd freebsd/11.3-p9
version/freebsd freebsd/11.4
version/freebsd freebsd/11.4-p1
version/freebsd freebsd/11.4-p2
version/freebsd freebsd/11.4-p3
version/freebsd freebsd/12.1
version/freebsd freebsd/12.1-p1
version/freebsd freebsd/12.1-p2
version/freebsd freebsd/12.1-p3
version/freebsd freebsd/12.1-p4
version/freebsd freebsd/12.1-p5
version/freebsd freebsd/12.1-p6
version/freebsd freebsd/12.1-p7
version/freebsd freebsd/12.1-p8
version/freebsd freebsd/12.1-p9
version/freebsd freebsd/12.2