Update FreeBSD 2024-08 report with commit links

Signed-off-by: Ed Maste <[email protected]>
ossf · Aug 30, 2024 · a48c9b9 · a48c9b9
1 parent 27f68da
commit a48c9b9
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/alpha/engagements/2024/FreeBSD/update-2024-08.md b/alpha/engagements/2024/FreeBSD/update-2024-08.md
@@ -29,6 +29,15 @@ Work this month has been in collaboration with FreeBSD project volunteers, focus
 
 The Synacktiv report will be released once these processes have been completed. Tentative date for this is September 30, 2024.
 
+Lower severity vulnerabilities that have now been fixed include:
+
+* [HYP-16: Kernel heap info leak in ctl_request_sense](https://cgit.FreeBSD.org/src/commit/?id=db87c98168b1605f067d283fa36a710369c3849d)
+* [HYP-21: fbaddr updated when vm_mmap_memseg fails](https://cgit.FreeBSD.org/src/commit/?id=85707cfdaddc179af8bd2623091eb1b8c58fed4a)
+* [CAP-04: Kernel uninitialized heap memory read due to missing error check in acl_copyin](https://cgit.FreeBSD.org/src/commit/?id=6ee6c7b146643170602091e8c330314e4ef47b42)
+* [CAP-05: Kernel iov counter is not decremented in pipe write buffer](https://cgit.FreeBSD.org/src/commit/?id=d8ff42e816848a0d4a427755b46b8560cb86ebc8)
+
+As a followup to CAP-04 we [added the `__result_use_check` function attribute](https://cgit.FreeBSD.org/src/commit/?id=ef9fc9609a1ff53047577aa7cf51246fc04c954b) to turn any similar future misuse into a compile-time error.
+
 For more information about the code audit, please see earlier updates (June and July 2024) held in this repo. 
 
 The Foundation is also working with the bhyve and Capsicum subsystem maintainer teams to identify classes of vulnerabilities indicated by the code audit findings. Tentative date for completion is September 30, 2024.