PT-2021-12656 · FreeBSD · FreeBSD

Published: 2020-09-15 · Updated: 2021-04-01 · CVE-2020-7467

CVSS v3.1: 7.6 (High)

Vector: AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:
FreeBSD versions 12.2-STABLE before r365767
FreeBSD versions 11.4-STABLE before r365769
FreeBSD versions 12.1-RELEASE before p10
FreeBSD versions 11.4-RELEASE before p4
FreeBSD versions 11.3-RELEASE before p14

Description: A number of AMD virtualization instructions operate on host physical addresses and are not subject to nested page table translation. In the affected FreeBSD versions, guest use of these instructions was not trapped, which could lead to potential security issues.

Recommendations:
For FreeBSD versions 12.2-STABLE before r365767, update to a version after r365767.
For FreeBSD versions 11.4-STABLE before r365769, update to a version after r365769.
For FreeBSD versions 12.1-RELEASE before p10, update to a version after p10.
For FreeBSD versions 11.4-RELEASE before p4, update to a version after p4.
For FreeBSD versions 11.3-RELEASE before p14, update to a version after p14.

Weakness Enumeration

Improper Privilege Management

Related Identifiers

CVE-2020-7467
FREEBSD-SA-20_29

Affected Products

FreeBSD