CVE-2024-51564

7.5 HIGH

📋 TL;DR

A guest operating system can trigger an infinite loop in the bhyve hypervisor's HDA audio driver, causing a denial of service. This affects FreeBSD systems running bhyve virtualization with audio emulation enabled. The vulnerability allows a malicious guest to crash the host system.

💻 Affected Systems

Products:
  • FreeBSD bhyve hypervisor
Versions: FreeBSD 13.2-RELEASE before p10, FreeBSD 13.3-RELEASE before p5, FreeBSD 14.0-RELEASE before p5, FreeBSD 14.1-RELEASE before p2
Operating Systems: FreeBSD
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when bhyve is configured with audio emulation (-A flag or audio device in configuration). Systems without audio emulation are not affected.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete host system crash and denial of service, potentially affecting all virtual machines running on the hypervisor.

🟠 Likely Case

Host system becomes unresponsive requiring a hard reboot, disrupting all guest VMs and services.

🟢 If Mitigated

Limited impact if audio emulation is disabled or affected systems are isolated from untrusted guests.

🌐 Internet-Facing: LOW - Requires access to a guest VM, not directly internet-exposed.
🏢 Internal Only: MEDIUM - Risk exists for virtualization hosts running untrusted guest VMs internally.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires guest VM access and ability to trigger specific audio operations. No public exploit code has been disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: FreeBSD 13.2-RELEASE p10, FreeBSD 13.3-RELEASE p5, FreeBSD 14.0-RELEASE p5, FreeBSD 14.1-RELEASE p2

Vendor Advisory: https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc

Restart Required: Yes

Instructions:

  1. Update FreeBSD system using freebsd-update or pkg upgrade.
  2. Apply the relevant patch release for your version.
  3. Reboot the host system to load the patched kernel.

🔧 Temporary Workarounds

Disable audio emulation

all

Remove audio device configuration from bhyve guest VMs to eliminate the attack surface.

  • Remove '-A' flag from bhyve command line
  • Remove audio device from VM configuration files

🧯 If You Can't Patch

  • Disable audio emulation on all bhyve guest VMs
  • Isolate virtualization hosts from running untrusted guest VMs

🔍 How to Verify

Check if Vulnerable:

Check FreeBSD version with 'uname -a' and verify if running affected versions with bhyve audio enabled.

Check Version:

uname -a

Verify Fix Applied:

Verify FreeBSD version is patched with 'uname -a' showing p10, p5, or p2 suffix depending on base version.
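
The patch-level comparison described above, as an added shell example that is not part of the original page or the FreeBSD advisory: `check_release` and `fixed_patchlevel` are hypothetical helper names, and the input is assumed to be a release string in the form `uname -r` prints (for example `14.1-RELEASE-p1`). Branches this page does not list are reported as UNKNOWN rather than guessed.

```shell
#!/bin/sh
# Added example: classify a FreeBSD release string against the fixed patch
# levels listed on this page for CVE-2024-51564.

# Print the first patched -pN for a release branch named on this page.
fixed_patchlevel() {
    case "$1" in
        13.2) echo 10 ;;
        13.3) echo 5 ;;
        14.0) echo 5 ;;
        14.1) echo 2 ;;
        *) return 1 ;;          # branch not listed on the page
    esac
}

# check_release "14.1-RELEASE-p1" prints PATCHED, VULNERABLE or UNKNOWN.
check_release() {
    rel=$1
    case "$rel" in
        *-RELEASE*) ;;
        *) echo UNKNOWN; return 0 ;;   # STABLE/CURRENT etc. are not covered here
    esac
    branch=${rel%%-RELEASE*}           # "14.1"
    suffix=${rel#*-RELEASE}            # "-p1", or empty for an unpatched release
    case "$suffix" in
        "") plevel=0 ;;
        -p*) plevel=${suffix#-p} ;;
        *) echo UNKNOWN; return 0 ;;
    esac
    case "$plevel" in
        ""|*[!0-9]*) echo UNKNOWN; return 0 ;;   # reject malformed patch levels
    esac
    need=$(fixed_patchlevel "$branch") || { echo UNKNOWN; return 0; }
    if [ "$plevel" -ge "$need" ]; then echo PATCHED; else echo VULNERABLE; fi
}

# On a FreeBSD host, report the running kernel's release string.
# `freebsd-version -u` gives the userland patch level, which can be newer than
# the kernel's when an update did not touch the kernel.
if [ "$(uname -s)" = "FreeBSD" ]; then
    check_release "$(uname -r)"
fi
```

A VULNERABLE result only matters on hosts where bhyve guests have audio emulation configured, as noted under Affected Systems.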

📡 Detection & Monitoring

Log Indicators:

  • Host system crashes or hangs
  • Kernel panic messages related to audio driver
  • bhyve process becoming unresponsive

Network Indicators:

  • Sudden loss of connectivity to all VMs on a host

SIEM Query:

host.os.name:"FreeBSD" AND (event.action:"crash" OR event.action:"hang") AND process.name:"bhyve"
