git: c825b69ca0 - main - Add security advisories affecting 14.3R, 14.4R, 15.0R and 15.1R
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 01 Jul 2026 00:00:00 UTC
The branch main has been updated by philip:
URL: https://cgit.FreeBSD.org/doc/commit/?id=c825b69ca0b0cdd41f3980c9dd4b45ce6cded427
commit c825b69ca0b0cdd41f3980c9dd4b45ce6cded427
Author: Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2026-06-30 23:58:05 +0000
Commit: Philip Paeps <philip@FreeBSD.org>
CommitDate: 2026-06-30 23:58:05 +0000
Add security advisories affecting 14.3R, 14.4R, 15.0R and 15.1R
FreeBSD-SA-26:37.vm affects all supported releases
FreeBSD-SA-26:38.jail affects 15.0R and 15.1R
FreeBSD-SA-26:39.execve affects all supported releases
FreeBSD-SA-26:40.zfs affects all supported releases
FreeBSD-SA-26:41.libalias affects all supported releases
FreeBSD-SA-26:42.unlinkat affects all supported releases
FreeBSD-SA-26:43.tcp affects all supported releases
FreeBSD-SA-26:44.posixshm affects all supported releases
FreeBSD-SA-26:45.audit affects all supported releases
FreeBSD-SA-26:46.ktls affects all supported releases
FreeBSD-SA-26:47.linux affects 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:48.compat32 affects 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:49.iconv affects all supported releases
---
website/content/en/releases/14.3R/errata.adoc | 12 ++++++++++++
website/content/en/releases/14.4R/errata.adoc | 12 ++++++++++++
website/content/en/releases/15.0R/errata.adoc | 13 +++++++++++++
website/content/en/releases/15.1R/errata.adoc | 14 +++++++++++---
4 files changed, 48 insertions(+), 3 deletions(-)
diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc
index a067cccbd0..e564658d6b 100644
--- a/website/content/en/releases/14.3R/errata.adoc
+++ b/website/content/en/releases/14.3R/errata.adoc
@@ -84,6 +84,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
|===
[[errata]]
diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc
index df26ddd969..15249a694a 100644
--- a/website/content/en/releases/14.4R/errata.adoc
+++ b/website/content/en/releases/14.4R/errata.adoc
@@ -74,6 +74,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
|===
[[errata]]
diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc
index 0a35ba1a06..349252067b 100644
--- a/website/content/en/releases/15.0R/errata.adoc
+++ b/website/content/en/releases/15.0R/errata.adoc
@@ -79,6 +79,19 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:38.jail.asc[FreeBSD-SA-26:38.jail] |30 June 2026 |Jail reference count underflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
|===
[[errata]]
diff --git a/website/content/en/releases/15.1R/errata.adoc b/website/content/en/releases/15.1R/errata.adoc
index 102cb395fc..26af480806 100644
--- a/website/content/en/releases/15.1R/errata.adoc
+++ b/website/content/en/releases/15.1R/errata.adoc
@@ -44,9 +44,17 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Advisory |Date |Topic
-
-|No advisories.||
-
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:38.jail.asc[FreeBSD-SA-26:38.jail] |30 June 2026 |Jail reference count underflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
|===
[[errata]]