FreeBSD 15.1-RELEASE is now available for amd64, aarch64, armv7, powerpc64, powerpc64le, and riscv64, featuring LinuxKPI-based wireless drivers on Linux 7.0, boot-time scheduler selection, C23 language support progress, and Unicode 17.0.0 with 4,803 new characters.
The drm-kmod port now includes Linux 6.12 LTS graphics drivers for FreeBSD 15.1+, improving compatibility with modern AMD Radeon and Intel hardware, stability, and Wayland support, with SLTS planned to 2036 via CIP.
FreeBSD 15.1-RELEASE is now available for amd64, aarch64, armv7, powerpc64, powerpc64le, and riscv64, featuring LinuxKPI-based wireless drivers on Linux 7.0, boot-time scheduler selection, C23 language support progress, and Unicode 17.0.0 with 4,803 new characters.
The FreeBSD Foundation has launched a 6-month, $250k project funded by Alpha Omega to engage Security Team members in using AI tools to discover and manually patch vulnerabilities in the FreeBSD kernel, base system, and ports tree, while also improving fuzzing and triage infrastructure.
This week covers FreeBSD Git Weekly updates, native inotify in FreeBSD, OpenBSD splitting syslogd into privileged and non-privileged binaries, a new FreeBSD rcd service manager daemon, Klara and TrueNAS fixing a long-standing ZFS deduplication issue, and more.
OpenBSD's syslogd now splits its privileged and non-privileged components into separate binaries, with the parent process forked and exec'd for stronger isolation and a smaller image size, and the rcctl script updated accordingly.
.NET on FreeBSD 15, Klara and TrueNAS fixing dedup, dhcpcd and unbound in FreeBSD Jails, and more.
FreeBSD's ldns stub resolver fails to validate DNS response source address, port, transaction ID, or question section, letting an off-path attacker forge UDP replies and inject arbitrary DNS data into programs like drill(1). Update via pkg, freebsd-update, or source patch.
Multiple OpenSSL vulnerabilities affecting FreeBSD 14.x and 15.x, including heap buffer overflows, NULL dereferences, use-after-free, and cryptographic flaws, with patches available for all supported branches.
An integer overflow in the vt(4) CONS_HISTORY ioctl that can allow an unprivileged local user to trigger an out-of-bounds kernel write and potentially escalate privileges, with patches available for all supported FreeBSD branches.
Multiple vulnerabilities in unbound affecting all supported versions, ranging from DoS to possible remote code execution during DNSSEC validation, with corrections available.
An unprivileged local user can disable ASLR for setuid PIE binaries via procctl(2) before execve(2), making exploitation of memory corruption vulnerabilities easier. Patches are available for all supported releases.
FreeBSD has issued a security advisory for an Arm CPU erratum that may allow privilege escalation by bypassing page table permission changes on affected Cortex-A, Neoverse, and C1 models, with patches available for all supported releases.
FreeBSD's Linuxulator incorrectly sets ATSECURE to zero for setugid Linux binaries, allowing unprivileged users to inject shared libraries via LDPRELOAD and gain elevated privileges; patches are available for all supported releases.
A use-after-free in the IPv6 IPV6_MSFILTER socket option handler allows a local unprivileged user to escalate privileges; all supported FreeBSD versions are affected and patches are available for 14.3, 14.4, 15.0, and 15.1.
sigqueue(2) lacks a capability mode check, allowing a sandboxed process to send signals to other processes, bypassing Capsicum restrictions. Patches and updates are available for FreeBSD 14.3, 14.4, 15.0, and 15.1.
FreeBSD sound(4) has two mmap vulnerabilities (CVE-2026-45258, CVE-2026-49417) that allow unprivileged local users to read/write kernel memory via /dev/dsp, enabling privilege escalation or DoS; patches are available for 14.3, 14.4, 15.0, and 15.1.
FreeBSD thrkill2(2) fails to check the result of pcansignal(), letting unprivileged local users send arbitrary signals to any process or thread, including root or jailed processes, enabling DoS; patches are available for all supported releases.
FreeBSD has updated OpenSSL to 3.0.20 (FreeBSD 14) and 3.5.6 (FreeBSD 15) to fix multiple CVEs including NULL dereferences, use-after-free, and a heap buffer overflow, generally leading to crashes or DoS.
A memory leak in syslogd(8) affecting FreeBSD 15.0 and later, where casper_ttymsg() fails to free message strings, causing unbounded growth of the syslogd.casper helper process.