Versions
12.0-RELEASE before 12.0-RELEASE-p13
FreeBSD 13.0-RELEASE before p6, 12.2-RELEASE before p12
11.3-RELEASE before 11.3-RELEASE-p3
FreeBSD 11.4-RELEASE before p1
12.1-RELEASE before 12.1-RELEASE-p2
12.1-STABLE before r354734
FreeBSD 12.1-RELEASE before p10, 11.4-RELEASE before p4, 11.3-RELEASE before p14
FreeBSD 11.3-RELEASE before p9
FreeBSD 13.0-RELEASE before p4, 12.2-RELEASE before p10, 11.4-RELEASE before p13
FreeBSD 12.2-RELEASE before p4, 11.4-RELEASE before p8
11.3-RELEASE before 11.3-RELEASE-p2
FreeBSD 12.1-RELEASE before p9, 11.4-RELEASE before p3, 11.3-RELEASE before p13
FreeBSD 12.0 before 12.0-RELEASE-p6
12.0-RELEASE before 12.0-RELEASE-p9
FreeBSD 12.1-RELEASE before p6, 11.3-RELEASE before p10, and 11.4-RC2 before p1
11.3-STABLE before r357214
12.0 before 12.0-RELEASE-p13
FreeBSD 12.2-RELEASE before p6, 11.4-RELEASE before p9
FreeBSD 11.2 before 11.2-RELEASE-p10 and 12.0 before 12.0-RELEASE-p4
11.3-RELEASE before 11.3-RELEASE-p6
12.1-STABLE before r356606, 12.1-RELEASE before 12.1-RELEASE-p3
FreeBSD 11.3-RELEASE before p13
FreeBSD 13.0-RELEASE before p1, 12.2-RELEASE before p7, 11.4-RELEASE before p10
FreeBSD 12.2-RELEASE before p6
before 12.0-RELEASE-p9
FreeBSD 12.1-RELEASE before p7, 11.4-RELEASE before p1, 11.3-RELEASE before p11
FreeBSD 8.0, 6.3 and 4.9, OpenBSD 4.6
FreeBSD 12.2-RELEASE before p1, 12.1-RELEASE before p11, 11.4-RELEASE before p5
FreeBSD 12.1-RELEASE before p5, and 11.3-RELEASE before p9
FreeBSD 12.2-RELEASE before p3, 12.1-RELEASE before p13, 11.4-RELEASE before p7
before 11.3-RELEASE-p2
before 11.2-RELEASE-p14
11.2-RELEASE before 11.2-RELEASE-p13
FreeBSD 12.1-RELEASE before p5, 11.4-BETA1 before p1, and 11.3-RELEASE before p9
12.1-STABLE before r357213
before 11.3-RELEASE-p3
FreeBSD 13.0-RELEASE before p1, 12.2-RELEASE before p7
before 12.0-RELEASE-p10
11.2-RELEASE before 11.2-RELEASE-p14
12.0-RELEASE before 12.0-RELEASE-p10
FreeBSD 12.1-RELEASE before p5
11.3-STABLE before r354735
and before 11.2-RELEASE-p13
FreeBSD 12.1-RELEASE before p8, 11.4-RELEASE before p2, 11.3-RELEASE before p12
Recent CVEs
CVE-2021-29632
In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the system console or other kernel memory.
CVE-2021-29630
In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a malicious attacker in a privileged network position to overwrite the stack of ggatec and potentially execute arbitrary code.
CVE-2021-29631
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. A malicious guest may cause the device model to operate on uninitialized I/O vectors leading to memory corruption, crashing of the bhyve process, and possibly arbitrary code execution in the bhyve process.
CVE-2010-4816
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
CVE-2020-7469
In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet buffer may be freed, rendering the cached pointer invalid. The network stack may later dereference the pointer, potentially triggering a use-after-free.
CVE-2021-29629
In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius(3) could allow malicious clients or servers to trigger denial of service in vulnerable servers or clients respectively.
CVE-2020-25583
In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold(8) decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of each label contains the label's length. rtsold(8) did not validate label lengths correctly and could overflow the destination buffer.
CVE-2020-25577
In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While the kernel currently ignores such malformed packets, it passes them to userspace programs. Any programs expecting the kernel to do validation may be vulnerable to an overflow.