FreeBSD 13.1 Patch 8

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:13.1:p8:*:*:*:*:*:*

part: o version: 13.1 update: p8

VendorFreebsd (1e86ea60-a74f-5f45-ac35-3eb819c9e064)
ProductFreebsd (be9b20ed-2a20-5a94-a224-b1a6fdcacb17)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/freebsd/freebsd-src purl2cpe 2026-06-01 10:12:45.165378

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-3494 vulnerable 2026-06-08 06:09:39.725322 bhyve privileged guest escape via fwctl
The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copying this string. Malicious, privileged software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root, mitigated by the capabilities assigned through the Capsicum sandbox available to the bhyve process.
Published: 2023-08-01T22:13:21.634Z
Updated: 2025-02-13T16:55:41.138Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-3107 vulnerable 2026-06-08 06:09:38.554345 Remote denial of service in IPv6 fragment reassembly
A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.
Published: 2023-08-01T22:01:07.584Z
Updated: 2025-07-09T13:45:34.790Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.