-
-001: INTEROPERABILITY FIX: May 2, 2017
+001: INTEROPERABILITY FIX: May 2, 2017All architectures
dhcpd unconditionally echoed the client identifier, preventing some devices
@@ -106,8 +103,7 @@
-
-002: SECURITY FIX: May 2, 2017
+002: SECURITY FIX: May 2, 2017amd64
vmm mismanaged floating point contexts.
@@ -117,8 +113,7 @@
-
-003: SECURITY FIX: May 2, 2017
+003: SECURITY FIX: May 2, 2017All architectures
A consistency check error could cause programs to incorrectly verify
@@ -129,8 +124,7 @@
-
-004: RELIABILITY FIX: May 2, 2017
+004: RELIABILITY FIX: May 2, 2017All architectures
softraid was unable to create usable concat volumes because
@@ -141,8 +135,7 @@
-
-005: RELIABILITY FIX: May 6, 2017
+005: RELIABILITY FIX: May 6, 2017All architectures
Expired pf source tracking entries never got removed, leading to
@@ -153,8 +146,7 @@
-
-006: RELIABILITY FIX: May 8, 2017
+006: RELIABILITY FIX: May 8, 2017All architectures
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
@@ -164,8 +156,7 @@
-
-007: SECURITY FIX: May 13, 2017
+007: SECURITY FIX: May 13, 2017All architectures
Heap-based buffer overflows in freetype can result in out-of-bounds writes.
@@ -175,8 +166,7 @@
-
-008: SECURITY FIX: May 19, 2017
+008: SECURITY FIX: May 19, 2017All architectures
An additional mitigation is added by placing a gap of 1 MB between the
@@ -187,8 +177,7 @@
-
-009: RELIABILITY FIX: May 22, 2017
+009: RELIABILITY FIX: May 22, 2017All architectures
The kernel could leak memory when processing ICMP packets with IP options.
@@ -199,8 +188,7 @@
-
-010: SECURITY FIX: June 4, 2017
+010: SECURITY FIX: June 4, 2017All architectures
A race condition exists in the File::Path perl module.
@@ -210,8 +198,7 @@
-
-011: SECURITY FIX: June 12, 2017
+011: SECURITY FIX: June 12, 2017hppa
An integer overflow exists in two range checks of the sti(4) display driver.
@@ -221,8 +208,7 @@
-
-012: RELIABILITY FIX: June 12, 2017
+012: RELIABILITY FIX: June 12, 2017All architectures
An unprivileged user can cause a kernel crash.
@@ -232,8 +218,7 @@
-
-013: RELIABILITY FIX: June 27, 2017
+013: RELIABILITY FIX: June 27, 2017All architectures
When pinging an IPv6 link-local address, the reflected packet had
@@ -245,8 +230,7 @@
-
-014: RELIABILITY FIX: July 5, 2017
+014: RELIABILITY FIX: July 5, 2017All architectures
Self-issued certificates are improperly treated as self-signed certificates,
@@ -257,8 +241,7 @@
-
-015: RELIABILITY FIX: August 3, 2017
+015: RELIABILITY FIX: August 3, 2017All architectures
A SIGIO-related use-after-free can occur in two drivers.
@@ -268,8 +251,7 @@
-
-016: RELIABILITY FIX: August 3, 2017
+016: RELIABILITY FIX: August 3, 2017All architectures
A missing length check in sendsyslog() may result in a kernel panic.
@@ -279,8 +261,7 @@
-
-017: SECURITY FIX: August 3, 2017
+017: SECURITY FIX: August 3, 2017All architectures
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
@@ -291,8 +272,7 @@
-
-018: SECURITY FIX: August 3, 2017
+018: SECURITY FIX: August 3, 2017All architectures
An alignment issue in recv() may result in an info leak via ktrace().
@@ -302,8 +282,7 @@
-
-019: SECURITY FIX: August 3, 2017
+019: SECURITY FIX: August 3, 2017All architectures
With an invalid address family, tcp_usrreq() may take an unintended code path.
@@ -313,8 +292,7 @@
-
-020: SECURITY FIX: August 3, 2017
+020: SECURITY FIX: August 3, 2017All architectures
Missing socket address validation from userland may result in an info leak.
@@ -324,8 +302,7 @@
-
-021: SECURITY FIX: August 3, 2017
+021: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in ptrace() may result in an info leak.
@@ -335,8 +312,7 @@
-
-022: SECURITY FIX: August 3, 2017
+022: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in fcntl() may result in an info leak.
@@ -346,8 +322,7 @@
-
-023: RELIABILITY FIX: August 3, 2017
+023: RELIABILITY FIX: August 3, 2017All architectures
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
@@ -358,8 +333,7 @@
-
-024: SECURITY FIX: August 3, 2017
+024: SECURITY FIX: August 3, 2017All architectures
A race condition in sosplice() may result in a kernel memory leak.
@@ -369,8 +343,7 @@
-
-025: SECURITY FIX: August 3, 2017
+025: SECURITY FIX: August 3, 2017All architectures
An out of bounds read could occur during processing of EAPOL frames in
@@ -382,8 +355,7 @@
-
-026: SECURITY FIX: August 26, 2017
+026: SECURITY FIX: August 26, 2017amd64 and i386
SMAP enforcement could be bypassed by userland code.
@@ -393,8 +365,7 @@
-
-027: SECURITY FIX: August 30, 2017
+027: SECURITY FIX: August 30, 2017All architectures
State transition errors could cause reinstallation of old WPA keys.
@@ -404,8 +375,7 @@
-
-028: SECURITY FIX: September 22, 2017
+028: SECURITY FIX: September 22, 2017All architectures
A buffer over-read and heap overflow in perl's regexp may result in
@@ -416,8 +386,7 @@
-
-029: RELIABILITY FIX: September 27, 2017
+029: RELIABILITY FIX: September 27, 2017amd64
Out of bounds TCB settings may result in a kernel panic.
@@ -427,8 +396,7 @@
-
-030: RELIABILITY FIX: October 4, 2017
+030: RELIABILITY FIX: October 4, 2017amd64
An unprivileged user can cause a kernel crash.
@@ -438,8 +406,7 @@
-
-031: SECURITY FIX: October 4, 2017
+031: SECURITY FIX: October 4, 2017amd64
A kernel executable address was leaked to userland.
@@ -449,8 +416,7 @@
-
-032: RELIABILITY FIX: October 13, 2017
+032: RELIABILITY FIX: October 13, 2017amd64
A local user could trigger a kernel panic by using an invalid TCB value.
@@ -460,8 +426,7 @@
-
-033: RELIABILITY FIX: December 10, 2017
+033: RELIABILITY FIX: December 10, 2017
All architectures
A number of bugs were discovered in the MPLS stack that can be used to
@@ -472,8 +437,7 @@
-
-034: RELIABILITY FIX: February 2, 2018
+034: RELIABILITY FIX: February 2, 2018All architectures
Specially crafted IPsec AH packets with IP options or IPv6 extension
@@ -484,8 +448,7 @@
-
-035: RELIABILITY FIX: February 2, 2018
+035: RELIABILITY FIX: February 2, 2018All architectures
Processing IPv6 fragments could incorrectly access memory of an mbuf
@@ -496,8 +459,7 @@
-
-036: SECURITY FIX: February 2, 2018
+036: SECURITY FIX: February 2, 2018All architectures
If the EtherIP tunnel protocol was disabled, IPv6 packets were not
@@ -508,8 +470,7 @@
-
-037: SECURITY FIX: March 1, 2018
+037: SECURITY FIX: March 1, 2018amd64
Intel CPUs contain a speculative execution flaw called Meltdown which
@@ -520,8 +481,7 @@
-
-038: RELIABILITY FIX: March 20, 2018
+038: RELIABILITY FIX: March 20, 2018All architectures
The IPsec AH header could be longer than the network packet, resulting in
@@ -532,8 +492,7 @@
-
-039: SECURITY FIX: April 14, 2018
+039: SECURITY FIX: April 14, 2018All architectures
Heap overflows exist in perl which can lead to segmentation faults,
@@ -546,6 +505,3 @@