From a48c9b906235b1162abe8866ad8615e9f6bea1f6 Mon Sep 17 00:00:00 2001 From: Ed Maste Date: Thu, 29 Aug 2024 21:57:18 -0400 Subject: [PATCH] Update FreeBSD 2024-08 report with commit links Signed-off-by: Ed Maste --- alpha/engagements/2024/FreeBSD/update-2024-08.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/alpha/engagements/2024/FreeBSD/update-2024-08.md b/alpha/engagements/2024/FreeBSD/update-2024-08.md index d9fef970..789a73a1 100644 --- a/alpha/engagements/2024/FreeBSD/update-2024-08.md +++ b/alpha/engagements/2024/FreeBSD/update-2024-08.md 
@@ -29,6 +29,15 @@ Work this month has been in collaboration with FreeBSD project volunteers, focus The Synacktiv report will be released once these processes have been completed. Tentative date for this is September 30, 2024. +Lower severity vulnerabilities that have now been fixed include: + +* [HYP-16: Kernel heap info leak in ctl_request_sense](https://cgit.FreeBSD.org/src/commit/?id=db87c98168b1605f067d283fa36a710369c3849d) +* [HYP-21: fbaddr updated when vm_mmap_memseg fails](https://cgit.FreeBSD.org/src/commit/?id=85707cfdaddc179af8bd2623091eb1b8c58fed4a) +* [CAP-04: Kernel uninitialized heap memory read due to missing error check in acl_copyin](https://cgit.FreeBSD.org/src/commit/?id=6ee6c7b146643170602091e8c330314e4ef47b42) +* [CAP-05: Kernel iov counter is not decremented in pipe write buffer](https://cgit.FreeBSD.org/src/commit/?id=d8ff42e816848a0d4a427755b46b8560cb86ebc8) + +As a followup to CAP-04 we [added the `__result_use_check` function attribute](https://cgit.FreeBSD.org/src/commit/?id=ef9fc9609a1ff53047577aa7cf51246fc04c954b) to turn any similar future misuse into a compile-time error. + For more information about the code audit, please see earlier updates (June and July 2024) held in this repo. The Foundation is also working with the bhyve and Capsicum subsystem maintainer teams to identify classes of vulnerabilities indicated by the code audit findings. Tentative date for completion is September 30, 2024.
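Review bot: The added sentence after the list, "we added the `__result_use_check` function attribute", does not say which function or functions received the attribute, so a reader cannot tell what "any similar future misuse" covers without opening the linked commit. Suggest naming what was annotated, and stating whether the "compile-time error" is unconditional or depends on the build treating warnings as errors. The HYP- and CAP- prefixes in the four new list items are not defined in the visible text; if they correspond to the bhyve and Capsicum parts of the audit mentioned in the following paragraph, a short gloss before the list would make that explicit. Minor style point: "followup" used as a noun is more commonly written "follow-up".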