Oddbean

FreeBSD Foundation releases Bhyve and Capsicum security audit The FreeBSD Foundation has https://freebsdfoundation.org/blog/strengthening-freebsd-addressing-vulnerabilities-through-synacktivs-code-audit/ the release of a <a href="https://freebsdfoundation.org/wp-content/uploads/2024/11/2024_Code_Audit_Capsicum_Bhyve_FreeBSD_Foundation.pdf" rel="nofollow">security audit report</a> conducted by security firm https://www.synacktiv.com/en . The audit uncovered a number of vulnerabilities: Most of these vulnerabilities have been addressed through <a href="https://www.freebsd.org/security/advisories/" rel="nofollow">official FreeBSD Project security advisories</a>, which offer detailed information about each vulnerability, its impact, and the measures implemented to improve the security of FreeBSD systems. [...] The audit uncovered 27 vulnerabilities and issues within various FreeBSD subsystems. 7 issues were not exploitable and were robustness or code quality improvements rather than immediate security concerns. https://lwn.net/Articles/998615/