Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2019-04-23 FreeBSD -- EAP-pwd message reassembly issue with unexpected fragment
FreeBSD -- EAP-pwd missing commit validation
FreeBSD -- EAP-pwd side-channel attack
FreeBSD -- SAE confirm missing state validation
FreeBSD -- SAE side-channel attacks
2017-10-16 WPA packet number reuse with replayed messages and key reinstallation
2016-05-20 hostapd and wpa_supplicant -- psk configuration parameter update allowing arbitrary data to be written
2016-04-19 hostapd and wpa_supplicant -- multiple vulnerabilities
2015-06-01 hostapd and wpa_supplicant -- multiple vulnerabilities