FreeBSD-kernel-13.4_1 is vulnerable

Reply: Dan Langille: "Re: FreeBSD-kernel-13.4_1 is vulnerable"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Jos Chrispijn <josc_at_cloudzeeland.nl>
Date: Fri, 29 Nov 2024 09:05:38 UTC

Not sure if I oversee an update, but still get this message

Checking for security vulnerabilities in base (userland & kernel):
Database fetched: 2024-11-27T23:30+01:00
FreeBSD-kernel-13.4_1 is vulnerable:
FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer
CVE: CVE-2024-39281
WWW: 
https://vuxml.FreeBSD.org/freebsd/8caa5d60-a174-11ef-9a62-002590c1f29c.html 
<https://vuxml.FreeBSD.org/freebsd/8caa5d60-a174-11ef-9a62-002590c1f29c.html>

Understand that for FreeBSD 14 this issue has been solved.
Can you tell me when a fix will be released for 13.4?

Thanks,
Jos