GCVE - cpe:2.3:o:freebsd:freebsd:13.3:p5:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:13.3:p5:*:*:*:*:*:*

part: o version: 13.3 update: p5

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.165406

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-8178`	vulnerable	2026-06-08 07:00:22.932802	Multiple issues in ctl(4) CAM Target Layer The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. Published: 2024-09-05T04:31:12.231Z Updated: 2025-11-04T16:15:56.298Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-45287`	vulnerable	2026-06-08 06:45:55.821585	Multiple vulnerabilities in libnv A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data. Published: 2024-09-05T03:18:16.076Z Updated: 2024-09-26T15:03:11.171Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:09.libnv.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-45063`	vulnerable	2026-06-08 06:45:54.485212	Multiple issues in ctl(4) CAM Target Layer The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. Published: 2024-09-05T04:31:22.649Z Updated: 2025-11-04T16:15:46.470Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-43110`	vulnerable	2026-06-08 06:45:49.590915	Multiple issues in ctl(4) CAM Target Layer The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. Published: 2024-09-05T04:31:19.166Z Updated: 2025-11-04T16:13:45.604Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-43102`	vulnerable	2026-06-08 06:45:49.567722	umtx Kernel panic or Use-After-Free Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be freed too early. A malicious code exercizing the UMTX_SHM_DESTROY sub-request in parallel can panic the kernel or enable further Use-After-Free attacks, potentially including code execution or Capsicum sandbox escape. Published: 2024-09-05T04:54:52.452Z Updated: 2024-09-16T21:02:44.154Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:14.umtx.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-42416`	vulnerable	2026-06-08 06:43:56.660348	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-32668`	vulnerable	2026-06-08 06:37:23.567816	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.