=== Capsicum and Bhyve Code Audit Contact: Ed Maste Contact: Pierre Pronchery With the support of the link:https://alpha-omega.dev/[Alpha-Omega project], the FreeBSD Foundation undertook code audits of two important subsystems -- the bhyve hypervisor, and the Capsicum sandboxing framework. In addition to uncovering vulnerabilities in these systems to correct, the audits look to identify classes of vulnerabilities and/or suboptimal coding practices that we can look to address across the project. The Foundation interviewed several firms, and selected Synacktiv to perform the audit. A number of issues with critical and high severity were identified, which have been fixed as documented in security advisories: * link:https://www.freebsd.org/security/advisories/FreeBSD-SA-24:09.libnv.asc[FreeBSD-SA-24:09.libnv] * link:https://www.freebsd.org/security/advisories/FreeBSD-SA-24:10.bhyve.asc[FreeBSD-SA-24:10.bhyve] * link:https://www.freebsd.org/security/advisories/FreeBSD-SA-24:11.ctl.asc[FreeBSD-SA-24:11.ctl] * link:https://www.freebsd.org/security/advisories/FreeBSD-SA-24:12.bhyve.asc[FreeBSD-SA-24:12.bhyve] * link:https://www.freebsd.org/security/advisories/FreeBSD-SA-24:14.umtx.asc[FreeBSD-SA-24:14.umtx] * link:https://www.freebsd.org/security/advisories/FreeBSD-SA-24:15.bhyve.asc[FreeBSD-SA-24:15.bhyve] * link:https://www.freebsd.org/security/advisories/FreeBSD-SA-24:16.libnv.asc[FreeBSD-SA-24:16.libnv] Fixes are in progress for a number of lower-severity issues. The code audit report will be shared in the near future, after issues above a severity threshold have been addressed. The FreeBSD Foundation will also publish a report including commentary on the impact of the Synacktiv code audit report, classes of vulnerabilities identified, and lessons learned. More information is available in the link:https://github.com/ossf/alpha-omega/tree/main/alpha/engagements/2024/FreeBSD[Alpha-Omega repository]. Sponsor: The FreeBSD Foundation