git: f6ce52f505 - main - Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 30 Apr 2026 01:31:46 UTC
The branch main has been updated by philip:
URL: https://cgit.FreeBSD.org/doc/commit/?id=f6ce52f50591bdb84c5b866bf75501b12048c55f
commit f6ce52f50591bdb84c5b866bf75501b12048c55f
Author: Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2026-04-30 01:28:08 +0000
Commit: Philip Paeps <philip@FreeBSD.org>
CommitDate: 2026-04-30 01:28:08 +0000
Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:12.dhclient affects all supported releases
FreeBSD-SA-26:13.exec affects all supported releases
FreeBSD-SA-26:14.pf affects all supported releases
FreeBSD-SA-26:15.dhclient affects all supported releases
FreeBSD-SA-26:16.libnv affects all supported releases
FreeBSD-SA-26:17.libnv affects all supported releases
---
website/content/en/releases/13.5R/errata.adoc | 6 ++++++
website/content/en/releases/14.3R/errata.adoc | 6 ++++++
website/content/en/releases/14.4R/errata.adoc | 6 ++++++
website/content/en/releases/15.0R/errata.adoc | 6 ++++++
4 files changed, 24 insertions(+)
diff --git a/website/content/en/releases/13.5R/errata.adoc b/website/content/en/releases/13.5R/errata.adoc
index e8751c59c3..bce64dd752 100644
--- a/website/content/en/releases/13.5R/errata.adoc
+++ b/website/content/en/releases/13.5R/errata.adoc
@@ -55,6 +55,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
|===
[[errata]]
diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc
index c5d3ff2eb6..11269e841d 100644
--- a/website/content/en/releases/14.3R/errata.adoc
+++ b/website/content/en/releases/14.3R/errata.adoc
@@ -59,6 +59,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
|===
[[errata]]
diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc
index 551d7e6cce..f58b4677d1 100644
--- a/website/content/en/releases/14.4R/errata.adoc
+++ b/website/content/en/releases/14.4R/errata.adoc
@@ -49,6 +49,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
|===
[[errata]]
diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc
index da400909ce..f891ed725f 100644
--- a/website/content/en/releases/15.0R/errata.adoc
+++ b/website/content/en/releases/15.0R/errata.adoc
@@ -54,6 +54,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
|===
[[errata]]