FreeBSD -- Missing error handling in bhyve(8) device models

Problem Description:

Certain VirtIO-based device models failed to handle errors when fetching I/O descriptors. Such errors could be triggered by a malicious guest. As a result, the device model code could be tricked into operating on uninitialized I/O vectors, leading to memory corruption.

Impact:

A malicious guest may be able to crash the bhyve process. It may be possible to exploit the memory corruption bugs to achieve arbitrary code execution in the bhyve process.