| 2024-02-14 |
FreeBSD -- jail(2) information leak |
| 2023-12-13 |
FreeBSD -- NFS client data corruption and kernel memory disclosure |
| 2023-12-05 |
FreeBSD -- TCP spoofing vulnerability in pf(4) |
| 2023-10-04 |
FreeBSD -- arm64 boot CPUs may lack speculative execution protections |
| FreeBSD -- copy_file_range insufficient capability rights check |
| FreeBSD -- msdosfs data disclosure |
| 2023-09-07 |
FreeBSD -- pf incorrectly handles multiple IPv6 fragment headers |
| FreeBSD -- Wi-Fi encryption bypass |
| 2023-08-31 |
FreeBSD -- GELI silently omits the keyfile if read from stdin |
| FreeBSD -- Remote denial of service in IPv6 fragment reassembly |
| 2022-08-10 |
FreeBSD -- AIO credential reference count leak |
| FreeBSD -- Memory disclosure by stale virtual memory mapping |
| FreeBSD -- Out of bound read in elf_note_prpsinfo() |
| 2022-04-07 |
FreeBSD -- 802.11 heap buffer overflow |
| FreeBSD -- Bhyve e82545 device emulation out-of-bounds write |
| FreeBSD -- mpr/mps/mpt driver ioctl heap out-of-bounds write |
| FreeBSD -- Potential jail escape vulnerabilities in netmap |
| 2022-03-16 |
FreeBSD-kernel -- Multiple WiFi issues |
| 2021-05-27 |
FreeBSD-kernel -- SMAP bypass |
| 2021-04-07 |
FreeBSD -- double free in accept_filter(9) socket configuration interface |
| FreeBSD -- jail escape possible by mounting over jail root |
| FreeBSD -- Memory disclosure by stale virtual memory mapping |
| 2021-02-25 |
FreeBSD -- jail_attach(2) relies on the caller to change the cwd |
| FreeBSD -- jail_remove(2) fails to kill all jailed processes |
| FreeBSD -- Xen grant mapping error handling issues |
| 2021-01-29 |
FreeBSD -- Uninitialized kernel stack leaks in several file systems |
| FreeBSD -- Xen guests can triger backend Out Of Memory |
| 2020-12-02 |
FreeBSD -- ICMPv6 use-after-free in error message handling |
| 2020-09-16 |
FreeBSD -- bhyve privilege escalation via VMCS access |
| FreeBSD -- bhyve SVM guest escape |
| FreeBSD -- ure device driver susceptible to packet-in-packet attack |
| 2020-09-02 |
FreeBSD -- IPv6 Hop-by-Hop options use-after-free bug |
| FreeBSD -- SCTP socket use-after-free bug |
| 2020-08-06 |
FreeBSD -- Potential memory corruption in USB network device drivers |
| FreeBSD -- sendmsg(2) privilege escalation |
| 2020-07-10 |
FreeBSD -- IPv6 socket option race condition and use after free |
| 2020-06-09 |
FreeBSD -- USB HID descriptor parsing error |
| 2020-05-12 |
FreeBSD -- Improper checking in SCTP-AUTH shared key update |
| FreeBSD -- Insufficient cryptodev MAC key length check |
| FreeBSD -- Insufficient packet length validation in libalias |
| FreeBSD -- Memory disclosure vulnerability in libalias |
| FreeBSD -- Use after free in cryptodev module |
| 2020-04-21 |
FreeBSD -- ipfw invalid mbuf handling |
| 2020-03-19 |
FreeBSD -- Incorrect user-controlled pointer use in epair |
| FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking |
| FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking |
| FreeBSD -- Kernel memory disclosure with nested jails |
| FreeBSD -- TCP IPv6 SYN cache kernel information disclosure |
| 2020-01-29 |
FreeBSD -- kernel stack data disclosure |
| FreeBSD -- Missing IPsec anti-replay window check |
| 2019-11-25 |
FreeBSD -- Intel CPU Microcode Update |
| FreeBSD -- Machine Check Exception on Page Size Change |
| 2019-10-24 |
FreeBSD -- ICMPv6 / MLDv2 out-of-bounds memory access |
| FreeBSD -- Insufficient validation of guest-supplied data (e1000 device) |
| FreeBSD -- IPv6 remote Denial-of-Service |
| FreeBSD -- kernel memory disclosure from /dev/midistat |
| FreeBSD -- Reference count overflow in mqueue filesystem 32-bit compat |
| 2019-07-30 |
FreeBSD -- Bhyve out-of-bounds read in XHCI device |
| FreeBSD -- File description reference count leak |
| FreeBSD -- ICMP/ICMP6 packet filter bypass in pf |
| FreeBSD -- IPv6 fragment reassembly panic in pf(4) |
| FreeBSD -- Kernel memory disclosure in freebsd32_ioctl |
| FreeBSD -- Kernel stack disclosure in UFS/FFS |
| FreeBSD -- Microarchitectural Data Sampling (MDS) |
| FreeBSD -- Privilege escalation in cd(4) driver |
| FreeBSD -- pts(4) write-after-free |
| FreeBSD -- Reference count overflow in mqueue filesystem |
| FreeBSD -- Resource exhaustion in non-default RACK TCP stack |
| 2019-02-11 |
FreeBSD -- File description reference count leak |
| FreeBSD -- System call kernel data register leak |
| 2018-09-12 |
FreeBSD -- Improper ELF header parsing |
| 2018-08-22 |
FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure |
| FreeBSD -- Resource exhaustion in IP fragment reassembly |
| 2018-08-06 |
FreeBSD -- Resource exhaustion in TCP reassembly |
| 2018-06-21 |
FreeBSD -- Lazy FPU State Restore Information Disclosure |
| 2018-05-08 |
FreeBSD -- Mishandling of x86 debug exceptions |
| 2018-04-05 |
FreeBSD -- ipsec crash or denial of service |
| FreeBSD -- vt console memory disclosure |
| 2018-03-14 |
FreeBSD -- ipsec validation and use-after-free |
| FreeBSD -- Speculative Execution Vulnerabilities |
| 2017-12-06 |
FreeBSD -- Information leak in kldstat(2) |
| FreeBSD -- Kernel data leak via ptrace(PT_LWPINFO) |
| FreeBSD -- POSIX shm allows jails to access global namespace |
| 2017-05-26 |
FreeBSD -- ipfilter(4) fragment handling panic |
| 2016-10-25 |
FreeBSD -- bhyve - privilege escalation vulnerability |
| 2016-08-11 |
FreeBSD -- Buffer overflow in keyboard driver |
| FreeBSD -- Deadlock in the NFS server |
| FreeBSD -- Denial of Service in TCP packet processing |
| FreeBSD -- Denial of Service with IPv6 Router Advertisements |
| FreeBSD -- Incorrect argument handling in sendmsg(2) |
| FreeBSD -- Incorrect argument validation in sysarch(2) |
| FreeBSD -- Integer overflow in IGMP protocol |
| FreeBSD -- Kernel memory disclosure in control messages and SCTP |
| FreeBSD -- Kernel stack disclosure in 4.3BSD compatibility layer |
| FreeBSD -- Kernel stack disclosure in Linux compatibility layer |
| FreeBSD -- Kernel stack disclosure in setlogin(2) / getlogin(2) |
| FreeBSD -- ktrace kernel memory disclosure |
| FreeBSD -- Linux compatibility layer incorrect futex handling |
| FreeBSD -- Linux compatibility layer issetugid(2) system call |
| FreeBSD -- Linux compatibility layer setgroups(2) system call |
| FreeBSD -- Local privilege escalation in IRET handler |
| FreeBSD -- memory leak in sandboxed namei lookup |
| FreeBSD -- Resource exhaustion due to sessions stuck in LAST_ACK state |
| FreeBSD -- Resource exhaustion in TCP reassembly |
| FreeBSD -- SCTP ICMPv6 error message vulnerability |
| FreeBSD -- SCTP SCTP_SS_VALUE kernel memory corruption and disclosure |
| FreeBSD -- SCTP stream reset vulnerability |
| FreeBSD -- TCP MD5 signature denial of service |
| FreeBSD -- TCP reassembly vulnerability |
| 2016-08-09 |
FreeBSD -- Incorrect privilege validation in the NFS server |
| FreeBSD -- integer overflow in IP_MSFILTER |
| FreeBSD -- Kernel memory disclosure in sctp(4) |