git: 57e752f69a - main - Add security advisories affecting 14.3R, 14.4R and 15.0R
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 10 Jun 2026 00:56:54 UTC
The branch main has been updated by philip:
URL: https://cgit.FreeBSD.org/doc/commit/?id=57e752f69ac97b06c90ec856abaf7bf45b99596f
commit 57e752f69ac97b06c90ec856abaf7bf45b99596f
Author: Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2026-06-10 00:54:10 +0000
Commit: Philip Paeps <philip@FreeBSD.org>
CommitDate: 2026-06-10 00:54:10 +0000
Add security advisories affecting 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:25.thr affects all supported releases
FreeBSD-SA-26:26.ktls affects all supported releases
FreeBSD-SA-26:27.sound affects all supported releases
FreeBSD-SA-26:28.capsicum affects all supported releases
FreeBSD-SA-26:29.ip6_multicast affects all supported releases
FreeBSD-SA-26:30.linux affects all supported releases
FreeBSD-SA-26:31.arm64 affects all supported releases
FreeBSD-SA-26:32.elf affects all supported releases
FreeBSD-SA-26:33.unbound affects all supported releases
FreeBSD-SA-26:34.vt affects all supported releases
FreeBSD-SA-26:35.openssl affects all supported releases
FreeBSD-SA-26:36.ldns affects all supported releases
---
website/content/en/releases/14.3R/errata.adoc | 12 ++++++++++++
website/content/en/releases/14.4R/errata.adoc | 12 ++++++++++++
website/content/en/releases/15.0R/errata.adoc | 12 ++++++++++++
3 files changed, 36 insertions(+)
diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc
index 6f110d0cae..2b20c4c49a 100644
--- a/website/content/en/releases/14.3R/errata.adoc
+++ b/website/content/en/releases/14.3R/errata.adoc
@@ -72,6 +72,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
|===
[[errata]]
diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc
index 4868a9a365..4f6eedbc5f 100644
--- a/website/content/en/releases/14.4R/errata.adoc
+++ b/website/content/en/releases/14.4R/errata.adoc
@@ -62,6 +62,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
|===
[[errata]]
diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc
index 2bf793af83..8316c7d8f8 100644
--- a/website/content/en/releases/15.0R/errata.adoc
+++ b/website/content/en/releases/15.0R/errata.adoc
@@ -67,6 +67,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
|===
[[errata]]