FreeBSD Flaws Enable Privilege Escalation, Isolation Bypass

FreeBSD has fixed several vulnerabilities that allow a local user to escalate privileges, execute code in the context of the kernel, or escape from isolated environments:

  • CVE-2024-43102 – A vulnerability in the implementation of the _umtx_op system call can be used to trigger access to an already freed memory area (use-after-free) by simultaneously sending several UMTX_SHM_DESTROY sub-requests. The issue potentially allows bypassing the Capsicum isolation mechanism or achieving code execution at the kernel level. The problem is fixed in updates 14.1-RELEASE-p4, 14.0-RELEASE-p10, and 13.3-RELEASE-p6.
  • CVE-2024-45287, CVE-2024-45288 – Vulnerabilities in the libnv library, used in the kernel and in user space for processing lists in key/value format. The first problem is an integer overflow that leads to the allocation of a buffer smaller than the data block written into it. The second problem is caused by a missing terminating null character in the last element of an array, which makes it possible to write beyond the bounds of the allocated buffer. The vulnerabilities can potentially be used to escalate privileges by overwriting memory areas in system processes or the kernel.
  • CVE-2024-32668, CVE-2024-41928, CVE-2024-8178, CVE-2024-42416, CVE-2024-43110, CVE-2024-45063 – Vulnerabilities in
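The two bug classes named in the libnv item (a size computation that overflows, and an array whose last string lacks its terminator) can be rejected at parse time. The following is an added example, not libnv code: the `struct hdr` layout and all function names are hypothetical, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed header for a packed array; NOT libnv's real wire format. */
struct hdr { uint64_t nitems; uint64_t item_size; };

/* Flawed pattern: the product can wrap, giving a size smaller than the data. */
static size_t size_unchecked(const struct hdr *h)
{
    return (size_t)(h->nitems * h->item_size);
}

/* Hardened: fail if the product overflows or exceeds the bytes received. */
static int size_checked(const struct hdr *h, size_t avail, size_t *out)
{
    if (h->item_size != 0 && h->nitems > SIZE_MAX / h->item_size)
        return -1;
    uint64_t need = h->nitems * h->item_size;
    if (need > avail)
        return -1;
    *out = (size_t)need;
    return 0;
}

/* Accept only if `count` NUL-terminated strings exactly fill buf[0..len). */
static int string_array_valid(const char *buf, size_t len, size_t count)
{
    size_t off = 0;
    for (size_t i = 0; i < count; i++) {
        const char *nul = off < len ? memchr(buf + off, '\0', len - off) : NULL;
        if (nul == NULL)
            return 0;               /* an element lacks its terminator */
        off = (size_t)(nul - buf) + 1;
    }
    return off == len;
}

int main(void)
{
    struct hdr evil = { 0x2000000000000001ULL, 8 };   /* constructed input */
    const char unterminated[] = { 'a', 'b', 0, 'c', 'd' };
    size_t n = 0;
    printf("unchecked=%zu checked=%d strings_ok=%d\n", size_unchecked(&evil),
           size_checked(&evil, 64, &n), string_array_valid(unterminated, 5, 2));
    return 0;
}
```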