Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2024-02-14 FreeBSD -- jail(2) information leak
2023-12-13 FreeBSD -- NFS client data corruption and kernel memory disclosure
2023-12-05 FreeBSD -- TCP spoofing vulnerability in pf(4)
2023-10-04 FreeBSD -- arm64 boot CPUs may lack speculative execution protections
FreeBSD -- copy_file_range insufficient capability rights check
FreeBSD -- msdosfs data disclosure
2023-09-07 FreeBSD -- pf incorrectly handles multiple IPv6 fragment headers
FreeBSD -- Wi-Fi encryption bypass
2023-08-31 FreeBSD -- GELI silently omits the keyfile if read from stdin
FreeBSD -- Remote denial of service in IPv6 fragment reassembly
2022-08-10 FreeBSD -- AIO credential reference count leak
FreeBSD -- Memory disclosure by stale virtual memory mapping
FreeBSD -- Out of bound read in elf_note_prpsinfo()
2022-04-07 FreeBSD -- 802.11 heap buffer overflow
FreeBSD -- Bhyve e82545 device emulation out-of-bounds write
FreeBSD -- mpr/mps/mpt driver ioctl heap out-of-bounds write
FreeBSD -- Potential jail escape vulnerabilities in netmap
2022-03-16 FreeBSD-kernel -- Multiple WiFi issues
2021-05-27 FreeBSD-kernel -- SMAP bypass
2021-04-07 FreeBSD -- double free in accept_filter(9) socket configuration interface
FreeBSD -- jail escape possible by mounting over jail root
FreeBSD -- Memory disclosure by stale virtual memory mapping
2021-02-25 FreeBSD -- jail_attach(2) relies on the caller to change the cwd
FreeBSD -- jail_remove(2) fails to kill all jailed processes
FreeBSD -- Xen grant mapping error handling issues
2021-01-29 FreeBSD -- Uninitialized kernel stack leaks in several file systems
FreeBSD -- Xen guests can triger backend Out Of Memory
2020-12-02 FreeBSD -- ICMPv6 use-after-free in error message handling
2020-09-16 FreeBSD -- bhyve privilege escalation via VMCS access
FreeBSD -- bhyve SVM guest escape
FreeBSD -- ure device driver susceptible to packet-in-packet attack
2020-09-02 FreeBSD -- IPv6 Hop-by-Hop options use-after-free bug
FreeBSD -- SCTP socket use-after-free bug
2020-08-06 FreeBSD -- Potential memory corruption in USB network device drivers
FreeBSD -- sendmsg(2) privilege escalation
2020-07-10 FreeBSD -- IPv6 socket option race condition and use after free
2020-06-09 FreeBSD -- USB HID descriptor parsing error
2020-05-12 FreeBSD -- Improper checking in SCTP-AUTH shared key update
FreeBSD -- Insufficient cryptodev MAC key length check
FreeBSD -- Insufficient packet length validation in libalias
FreeBSD -- Memory disclosure vulnerability in libalias
FreeBSD -- Use after free in cryptodev module
2020-04-21 FreeBSD -- ipfw invalid mbuf handling
2020-03-19 FreeBSD -- Incorrect user-controlled pointer use in epair
FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking
FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking
FreeBSD -- Kernel memory disclosure with nested jails
FreeBSD -- TCP IPv6 SYN cache kernel information disclosure
2020-01-29 FreeBSD -- kernel stack data disclosure
FreeBSD -- Missing IPsec anti-replay window check
2019-11-25 FreeBSD -- Intel CPU Microcode Update
FreeBSD -- Machine Check Exception on Page Size Change
2019-10-24 FreeBSD -- ICMPv6 / MLDv2 out-of-bounds memory access
FreeBSD -- Insufficient validation of guest-supplied data (e1000 device)
FreeBSD -- IPv6 remote Denial-of-Service
FreeBSD -- kernel memory disclosure from /dev/midistat
FreeBSD -- Reference count overflow in mqueue filesystem 32-bit compat
2019-07-30 FreeBSD -- Bhyve out-of-bounds read in XHCI device
FreeBSD -- File description reference count leak
FreeBSD -- ICMP/ICMP6 packet filter bypass in pf
FreeBSD -- IPv6 fragment reassembly panic in pf(4)
FreeBSD -- Kernel memory disclosure in freebsd32_ioctl
FreeBSD -- Kernel stack disclosure in UFS/FFS
FreeBSD -- Microarchitectural Data Sampling (MDS)
FreeBSD -- Privilege escalation in cd(4) driver
FreeBSD -- pts(4) write-after-free
FreeBSD -- Reference count overflow in mqueue filesystem
FreeBSD -- Resource exhaustion in non-default RACK TCP stack
2019-02-11 FreeBSD -- File description reference count leak
FreeBSD -- System call kernel data register leak
2018-09-12 FreeBSD -- Improper ELF header parsing
2018-08-22 FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure
FreeBSD -- Resource exhaustion in IP fragment reassembly
2018-08-06 FreeBSD -- Resource exhaustion in TCP reassembly
2018-06-21 FreeBSD -- Lazy FPU State Restore Information Disclosure
2018-05-08 FreeBSD -- Mishandling of x86 debug exceptions
2018-04-05 FreeBSD -- ipsec crash or denial of service
FreeBSD -- vt console memory disclosure
2018-03-14 FreeBSD -- ipsec validation and use-after-free
FreeBSD -- Speculative Execution Vulnerabilities
2017-12-06 FreeBSD -- Information leak in kldstat(2)
FreeBSD -- Kernel data leak via ptrace(PT_LWPINFO)
FreeBSD -- POSIX shm allows jails to access global namespace
2017-05-26 FreeBSD -- ipfilter(4) fragment handling panic
2016-10-25 FreeBSD -- bhyve - privilege escalation vulnerability
2016-08-11 FreeBSD -- Buffer overflow in keyboard driver
FreeBSD -- Deadlock in the NFS server
FreeBSD -- Denial of Service in TCP packet processing
FreeBSD -- Denial of Service with IPv6 Router Advertisements
FreeBSD -- Incorrect argument handling in sendmsg(2)
FreeBSD -- Incorrect argument validation in sysarch(2)
FreeBSD -- Integer overflow in IGMP protocol
FreeBSD -- Kernel memory disclosure in control messages and SCTP
FreeBSD -- Kernel stack disclosure in 4.3BSD compatibility layer
FreeBSD -- Kernel stack disclosure in Linux compatibility layer
FreeBSD -- Kernel stack disclosure in setlogin(2) / getlogin(2)
FreeBSD -- ktrace kernel memory disclosure
FreeBSD -- Linux compatibility layer incorrect futex handling
FreeBSD -- Linux compatibility layer issetugid(2) system call
FreeBSD -- Linux compatibility layer setgroups(2) system call
FreeBSD -- Local privilege escalation in IRET handler
FreeBSD -- memory leak in sandboxed namei lookup
FreeBSD -- Resource exhaustion due to sessions stuck in LAST_ACK state
FreeBSD -- Resource exhaustion in TCP reassembly
FreeBSD -- SCTP ICMPv6 error message vulnerability
FreeBSD -- SCTP SCTP_SS_VALUE kernel memory corruption and disclosure
FreeBSD -- SCTP stream reset vulnerability
FreeBSD -- TCP MD5 signature denial of service
FreeBSD -- TCP reassembly vulnerability
2016-08-09 FreeBSD -- Incorrect privilege validation in the NFS server
FreeBSD -- integer overflow in IP_MSFILTER
FreeBSD -- Kernel memory disclosure in sctp(4)