--- title: "FreeBSD 14.0-RELEASE Errata" sidenav: download --- :release: 14.0-RELEASE :releaseNext: 14.1-RELEASE :releaseBranch: 14-STABLE = FreeBSD {release} Errata == Abstract This document lists errata items for FreeBSD {release}, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD. This errata document for FreeBSD {release} will be maintained until the release of FreeBSD {releaseNext}. == Table of Contents * <> * <> * <> * <> * <> * <> [[intro]] == Introduction This errata document contains "late-breaking news" about FreeBSD {release}. Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed. Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release. These other copies of the errata are located at https://www.FreeBSD.org/releases/, plus any sites which keep up-to-date mirrors of this location. Source and binary snapshots of FreeBSD {releaseBranch} also contain up-to-date copies of this document (as of the time of the snapshot). For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/security/. [[security]] == Security Advisories [width="100%",cols="40%,30%,30%",options="header",] |=== |Advisory |Date |Topic |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |5 December 2023 |TCP spoofing vulnerability in pf(4) |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient] |12 December 2023 |NFS client data corruption and kernel memory disclosure |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:01.bhyveload.asc[FreeBSD-SA-24:01.bhyveload] |14 February 2024 |bhyveload(8) host file access |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:02.tty.asc[FreeBSD-SA-24:02.tty] |14 February 2024 |jail(2) information leak |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:03.unbound.asc[FreeBSD-SA-24:03.unbound] |28 March 2024 |Multiple vulnerabilities in unbound |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh] |1 July 2024 |OpenSSH pre-authentication remote code execution |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:05.pf.asc[FreeBSD-SA-24:05.pf] |7 August 2024 |pf incorrectly matches different ICMPv6 states in the state table |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:06.ktrace.asc[FreeBSD-SA-24:06.ktrace] |7 August 2024 |ktrace(2) fails to detach when executing a setuid binary |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:07.nfsclient.asc[FreeBSD-SA-24:07.nfsclient] |7 August 2024 |NFS client accepts file names containing path separators |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:08.openssh.asc[FreeBSD-SA-24:08.openssh] |7 August 2024 |OpenSSH pre-authentication async signal safety issue |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:09.libnv.asc[FreeBSD-SA-24:09.libnv] |4 September 2024 |Multiple vulnerabilities in libnv |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:10.bhyve.asc[FreeBSD-SA-24:10.bhyve] |4 September 2024 |bhyve(8) privileged guest escape via TPM device passthrough |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:11.ctl.asc[FreeBSD-SA-24:11.ctl] |4 September 2024 |Multiple issues in ctl(4) CAM Target Layer |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:12.bhyve.asc[FreeBSD-SA-24:12.bhyve] |4 September 2024 |bhyve(8) privileged guest escape via USB controller |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:13.openssl.asc[FreeBSD-SA-24:13.openssl] |4 September 2024 |Possible DoS in X.509 name checks in OpenSSL |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:14.umtx.asc[FreeBSD-SA-24:14.umtx] |4 September 2024 |umtx Kernel panic or Use-After-Free |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:15.bhyve.asc[FreeBSD-SA-24:15.bhyve] |19 September 2024 |bhyve(8) out-of-bounds read access via XHCI emulation |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:16.libnv.asc[FreeBSD-SA-24:16.libnv] |19 September 2024 |Integer overflow in libnv |=== [[errata]] == Errata Notices [width="100%",cols="40%,30%,30%",options="header",] |=== |Errata |Date |Topic |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:15.sanitizer.asc[FreeBSD-EN-23:15.sanitizer] |1 December 2023 |Clang sanitizer failure with ASLR enabled |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:16.openzfs.asc[FreeBSD-EN-23:16.openzfs] |1 December 2023 |OpenZFS data corruption |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:17.ossl.asc[FreeBSD-EN-23:17.ossl] |5 December 2023 |ossl(4)'s AES-GCM implementation may give incorrect results |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:18.openzfs.asc[FreeBSD-EN-23:18.openzfs] |5 December 2023 |High CPU usage by ZFS kernel threads |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:19.pkgbase.asc[FreeBSD-EN-23:19.pkgbase] |5 December 2023 |Incorrect pkgbase version number for FreeBSD 14.0 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:20.vm.asc[FreeBSD-EN-23:20.vm] |5 December 2023 |Incorrect results from the kernel physical memory allocator |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:21.tty.asc[FreeBSD-EN-23:21.tty] |5 December 2023 |tty(4) IUTF8 causes a kernel panic |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:22.vfs.asc[FreeBSD-EN-23:22.vfs] |5 December 2023 |ZFS snapshot directories not accessible over NFS |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:01.tzdata.asc[FreeBSD-EN-24:01.tzdata] |14 February 2024 |Timezone database information update |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:02.libutil.asc[FreeBSD-EN-24:02.libutil] |14 February 2024 |Login class resource limits and CPU mask bypass |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:03.kqueue.asc[FreeBSD-EN-24:03.kqueue] |14 February 2024 |kqueue_close(2) page fault on exit using rfork(2) |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:04.ip.asc[FreeBSD-EN-24:04.ip] |14 February 2024 |Kernel panic triggered by bind(2) |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:05.tty.asc[FreeBSD-EN-24:05.tty] |28 March 2024 |TTY Kernel Panic |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:06.wireguard.asc[FreeBSD-EN-24:06.wireguard] |28 March 2024 |Insufficient barriers in WireGuard if_wg(4) |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:07.clang.asc[FreeBSD-EN-24:07.clang] |28 March 2024 |Clang crash when certain optimization is enabled |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:08.kerberos.asc[FreeBSD-EN-24:08.kerberos] |28 March 2024 |Kerberos segfaults when using weak crypto |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:11.ldns.asc[FreeBSD-EN-24:11.ldns] |19 June 2024 |LDNS uses nameserver commented out in resolv.conf |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:14.ifconfig.asc[FreeBSD-EN-24:14.ifconfig] |7 August 2024 |Incorrect ifconfig netmask assignment |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:15.calendar.asc[FreeBSD-EN-24:15.calendar] |4 September 2024 |cron(8) / periodic(8) session login |link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:16.pf.asc[FreeBSD-EN-24:16.pf] |19 September 2024 |Incorrect ICMPv6 state handling in pf |=== [[open-issues]] == Open Issues No open issues. [[late-news]] == Late-Breaking News No late-breaking news.