FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

FreeBSD-kernel


Entered Topic
2019-11-25 FreeBSD -- Intel CPU Microcode Update
FreeBSD -- Machine Check Exception on Page Size Change
2019-10-24 FreeBSD -- ICMPv6 / MLDv2 out-of-bounds memory access
FreeBSD -- Insufficient validation of guest-supplied data (e1000 device)
FreeBSD -- IPv6 remote Denial-of-Service
FreeBSD -- kernel memory disclosure from /dev/midistat
FreeBSD -- Reference count overflow in mqueue filesystem 32-bit compat
2019-07-30 FreeBSD -- Bhyve out-of-bounds read in XHCI device
FreeBSD -- File description reference count leak
FreeBSD -- ICMP/ICMP6 packet filter bypass in pf
FreeBSD -- IPv6 fragment reassembly panic in pf(4)
FreeBSD -- Kernel memory disclosure in freebsd32_ioctl
FreeBSD -- Kernel stack disclosure in UFS/FFS
FreeBSD -- Microarchitectural Data Sampling (MDS)
FreeBSD -- Privilege escalation in cd(4) driver
FreeBSD -- pts(4) write-after-free
FreeBSD -- Reference count overflow in mqueue filesystem
FreeBSD -- Resource exhaustion in non-default RACK TCP stack
2019-02-11 FreeBSD -- File description reference count leak
FreeBSD -- System call kernel data register leak
2018-09-12 FreeBSD -- Improper ELF header parsing
2018-08-22 FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure
FreeBSD -- Resource exhaustion in IP fragment reassembly
2018-08-06 FreeBSD -- Resource exhaustion in TCP reassembly
2018-06-21 FreeBSD -- Lazy FPU State Restore Information Disclosure
2018-05-08 FreeBSD -- Mishandling of x86 debug exceptions
2018-04-05 FreeBSD -- ipsec crash or denial of service
FreeBSD -- vt console memory disclosure
2018-03-14 FreeBSD -- ipsec validation and use-after-free
FreeBSD -- Speculative Execution Vulnerabilities
2017-12-06 FreeBSD -- Information leak in kldstat(2)
FreeBSD -- Kernel data leak via ptrace(PT_LWPINFO)
FreeBSD -- POSIX shm allows jails to access global namespace
2017-05-26 FreeBSD -- ipfilter(4) fragment handling panic
2016-10-25 FreeBSD -- bhyve - privilege escalation vulnerability
2016-08-11 FreeBSD -- Buffer overflow in keyboard driver
FreeBSD -- Deadlock in the NFS server
FreeBSD -- Denial of Service in TCP packet processing
FreeBSD -- Denial of Service with IPv6 Router Advertisements
FreeBSD -- Incorrect argument handling in sendmsg(2)
FreeBSD -- Incorrect argument validation in sysarch(2)
FreeBSD -- Integer overflow in IGMP protocol
FreeBSD -- Kernel memory disclosure in control messages and SCTP
FreeBSD -- Kernel stack disclosure in 4.3BSD compatibility layer
FreeBSD -- Kernel stack disclosure in Linux compatibility layer
FreeBSD -- Kernel stack disclosure in setlogin(2) / getlogin(2)
FreeBSD -- ktrace kernel memory disclosure
FreeBSD -- Linux compatibility layer incorrect futex handling
FreeBSD -- Linux compatibility layer issetugid(2) system call
FreeBSD -- Linux compatibility layer setgroups(2) system call
FreeBSD -- Local privilege escalation in IRET handler
FreeBSD -- memory leak in sandboxed namei lookup
FreeBSD -- Resource exhaustion due to sessions stuck in LAST_ACK state
FreeBSD -- Resource exhaustion in TCP reassembly
FreeBSD -- SCTP ICMPv6 error message vulnerability
FreeBSD -- SCTP SCTP_SS_VALUE kernel memory corruption and disclosure
FreeBSD -- SCTP stream reset vulnerability
FreeBSD -- TCP MD5 signature denial of service
FreeBSD -- TCP reassembly vulnerability
2016-08-09 FreeBSD -- Incorrect privilege validation in the NFS server
FreeBSD -- integer overflow in IP_MSFILTER
FreeBSD -- Kernel memory disclosure in sctp(4)