FreeBSD Security Advisory FreeBSD-SA-26:27.sound

submitted 11 June 2026

FreeBSD sound(4) has two mmap vulnerabilities (CVE-2026-45258, CVE-2026-49417) that allow unprivileged local users to read/write kernel memory via /dev/dsp, enabling privilege escalation or DoS; patches are available for 14.3, 14.4, 15.0, and 15.1.

DiscoverBSD - The BSD community linklog

11 June 2026
FreeBSD Security Advisory FreeBSD-SA-26:36.ldns  

FreeBSD's ldns stub resolver fails to validate DNS response source address, port, transaction ID, or question section, letting an off-path attacker forge UDP replies and inject arbitrary DNS data into programs like drill(1). Update via pkg, freebsd-update, or source patch.

FreeBSD Security Advisory FreeBSD-SA-26:35.openssl  

Multiple OpenSSL vulnerabilities affecting FreeBSD 14.x and 15.x, including heap buffer overflows, NULL dereferences, use-after-free, and cryptographic flaws, with patches available for all supported branches.

FreeBSD Security Advisory FreeBSD-SA-26:34.vt  

An integer overflow in the vt(4) CONS_HISTORY ioctl that can allow an unprivileged local user to trigger an out-of-bounds kernel write and potentially escalate privileges, with patches available for all supported FreeBSD branches.

FreeBSD Security Advisory FreeBSD-SA-26:33.unbound  

Multiple vulnerabilities in unbound affecting all supported versions, ranging from DoS to possible remote code execution during DNSSEC validation, with corrections available.

FreeBSD Security Advisory FreeBSD-SA-26:32.elf  

An unprivileged local user can disable ASLR for setuid PIE binaries via procctl(2) before execve(2), making exploitation of memory corruption vulnerabilities easier. Patches are available for all supported releases.

FreeBSD Security Advisory FreeBSD-SA-26:31.arm64  

FreeBSD has issued a security advisory for an Arm CPU erratum that may allow privilege escalation by bypassing page table permission changes on affected Cortex-A, Neoverse, and C1 models, with patches available for all supported releases.

FreeBSD Security Advisory FreeBSD-SA-26:30.linux  

FreeBSD's Linuxulator incorrectly sets AT_SECURE to zero for setugid Linux binaries, allowing unprivileged users to inject shared libraries via LD_PRELOAD and gain elevated privileges; patches are available for all supported releases.

FreeBSD Security Advisory FreeBSD-SA-26:29.ip6_multicast  

A use-after-free in the IPv6 IPV6_MSFILTER socket option handler allows a local unprivileged user to escalate privileges; all supported FreeBSD versions are affected and patches are available for 14.3, 14.4, 15.0, and 15.1.

FreeBSD Security Advisory FreeBSD-SA-26:28.capsicum  

sigqueue(2) lacks a capability mode check, allowing a sandboxed process to send signals to other processes, bypassing Capsicum restrictions. Patches and updates are available for FreeBSD 14.3, 14.4, 15.0, and 15.1.

FreeBSD Security Advisory FreeBSD-SA-26:25.thr  

FreeBSD thr_kill2(2) fails to check the result of p_cansignal(), letting unprivileged local users send arbitrary signals to any process or thread, including root or jailed processes, enabling DoS; patches are available for all supported releases.

FreeBSD Errata Notice FreeBSD-EN-26:15.openssl  

FreeBSD has updated OpenSSL to 3.0.20 (FreeBSD 14) and 3.5.6 (FreeBSD 15) to fix multiple CVEs including NULL dereferences, use-after-free, and a heap buffer overflow, generally leading to crashes or DoS.

FreeBSD Errata Notice FreeBSD-EN-26:14.syslogd  

A memory leak in syslogd(8) affecting FreeBSD 15.0 and later, where casper_ttymsg() fails to free message strings, causing unbounded growth of the syslogd.casper helper process.

10 June 2026
OpenBSD under QEMU  

Architecture-specific notes on running OpenBSD as a QEMU guest, with working command lines for amd64, arm64, armv7, i386, riscv64, and sparc64, and failure points for alpha, hppa, landisk, loongson, luna88k, macppc, octeon, and powerpc64.

(Video) Connecting vscode to FreeBSD through remote SSH  

In this video, the author explores how to enable vscode "Remote SSH" to connect to a FreeBSD machine, showing three different ways to achieve this.

08 June 2026
Valuable News - 2026/06/08  

This week's roundup covers FreeBSD 15.1-RC3, OpenBSD updating clang/lld to 22.1.6 and adding boot-time relinking for httpd and smtpd, NetBSD's GSoC 2026 contributors, an analysis of a compromised pfSense firewall, using object storage with OpenZFS and SeaweedFS, and more.

FreeBSD 15.1-RC3 Available  

The third release candidate build for the FreeBSD 15.1 release cycle is now available. ISO images for the amd64, armv7, aarch64, powerpc64, powerpc64le, and riscv64 architectures are available on FreeBSD mirror sites.

NetBSD Foundation 2026 Annual General Meeting: Board, Core, and Team Reports  

The NetBSD Foundation’s 2026 AGM covers progress on NetBSD 11.0 (now at RC5), the CVS-to-Git/Mercurial migration, and infrastructure challenges like LLM scraping and hardware aging. Highlights include five Google Summer of Code projects, CNA onboarding for security advisories, and plans to streamline release cycles. The full IRC log details team updates from core, admins, releng, and security.

05 June 2026
Aggressive caching for a Mastodon reverse proxy on FreeBSD  

The author details how to cache Mastodon with nginx on FreeBSD while handling content negotiation correctly, covering cache keys for HTML/ActivityPub/JSON variants, bypass rules for private traffic, and TTL strategies for assets, media, and dynamic pages. The guide includes production-tested configurations for thundering-herd protection, failover, and logging to verify cache behavior.

Random relinking at boot comes to httpd(8) and smtpd(8)  

OpenBSD now randomizes the link order of httpd and smtpd at boot, extending the anti-exploit measure already used by sshd. Theo de Raadt’s commits split smtpd into six privsep binaries for finer-grained relinking and add a generalized RELINK mechanism in bsd.prog.mk to simplify future adoption. The changes are available in snapshots for testing.

BSD Now 666: Everyone gets an LPE  

fatgid exploit details, why ZFS excels for multi-user media production, and a guide to hosting a private pkg repo behind mutual TLS for secure BSD package distribution.

04 June 2026
April 2026 Frankfurt FreeBSD Hackathon Recap  

The FreeBSD community hosted its first regional hackathon in Frankfurt, Germany, from April 24–26, 2026, drawing 25 participants from across Europe, including experienced committers and newcomers. Held at a sponsored Innovation Lab, the event featured intensive hacking sessions and yielded key contributions, such as closing 120 bugs, implementing Software Bill of Materials (SBOM) functionality, and completing a German translation of the Sylve tool. The hackathon also facilitated networking and informal discussions during a sponsored barbecue lunch, with organizers expressing plans to repeat the event in future years due to its success.

03 June 2026
EuroBSDCon 2026 Travel Grant Applications Now Open  

The FreeBSD Foundation announced that travel grant applications are now open for EuroBSDCon 2026, taking place September 9–13, 2026, in Brussels, Belgium. Application deadline: July 7, 2026.
