Re: Unable to update to 14.1-p6
- In reply to: Kevin Oberman : "Unable to update to 14.1-p6"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 16 Nov 2024 20:02:46 UTC
On 2024-11-16 10:45, Kevin Oberman wrote: > I am running 14.1-p5 and get a daily message that I have a kernel security vulnerability: > Checking for security vulnerabilities in base (userland & kernel): > Fetching vuln.xml.xz: .......... done > FreeBSD-kernel-14.1_5 is vulnerable: > FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer > CVE: CVE-2024-39281 > WWW: https://vuxml.FreeBSD.org/freebsd/8caa5d60-a174-11ef-9a62-002590c1f29c.html <https://vuxml.FreeBSD.org/ > freebsd/8caa5d60-a174-11ef-9a62-002590c1f29c.html> > But attempts to use freebsd-update don't update to p6. > # freebsd-update fetch > src component not installed, skipped > Looking up update.FreeBSD.org <http://update.FreeBSD.org> mirrors... 3 mirrors found. > Fetching metadata signature for 14.1-RELEASE from update1.freebsd.org... done. > Fetching metadata index... done. > Inspecting system... done. > Preparing to download files... done. > > No updates needed to update system to 14.1-RELEASE-p6. > # freebsd-update install > src component not installed, skipped > No updates are available to install. > Run 'freebsd-update [options] fetch' first. > > I am baffled. A reboot leaves me at p5, but I can't seem to get p6 as freebsd-update seems to think it's already > installed, but freebsd-version shows: > # freebsd-version -kur > 14.1-RELEASE-p5 > 14.1-RELEASE-p5 > 14.1-RELEASE-p6 > > I could pull down the kernel sources and build it, but that should not be needed. > -- > Kevin Oberman, Part time kid herder and retired Network Engineer > E-mail: rkoberman@gmail.com <mailto:rkoberman@gmail.com> > PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 Hello, Just a note to say that I am seeing the same thing: FreeBSD-kernel-14.1_5 is vulnerable: FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer CVE: CVE-2024-39281 % freebsd-version -k 14.1-RELEASE-p5 % freebsd-version -u 14.1-RELEASE-p6 % freebsd-version -r 14.1-RELEASE-p5 % uname -a FreeBSD desk.example.com 14.1-RELEASE-p5 FreeBSD 14.1-RELEASE-p5 GENERIC amd64 The freebsd-update fetch/install completed successfully except for the above mismatches, afterwards. Mark P.S. I am also seeing this mismatch with 13.3-p7 to 13.3-p8: FreeBSD-kernel-13.3_7 is vulnerable: FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer CVE: CVE-2024-39281 % freebsd-version -k 13.3-RELEASE-p7 % freebsd-version -u 13.3-RELEASE-p8 % freebsd-version -r 13.3-RELEASE-p7 % uname -a FreeBSD mail.example.com 13.3-RELEASE-p7 FreeBSD 13.3-RELEASE-p7 GENERIC amd64 Again, the freebsd-update fetch/install worked as usual and won't find anything given another freebsd-update fetch cycle.