• Re: FreeBSD Errata Notice FreeBSD-EN-26:03.vm [and other notices/advisories from today: pkgbase instructions?]

    From Mark Millard@marklmi@yahoo.com to muc.lists.freebsd.stable on Tue Jan 27 15:56:50 2026
    From Newsgroup: muc.lists.freebsd.stable

    On 1/27/26 14:28, FreeBSD Errata Notices wrote:
    =============================================================================
    FreeBSD-EN-26:03.vm                                             Errata Notice
    The FreeBSD Project

    Topic: The page fault handler fails to zero memory

    Category: core
    Module: vm
    Announced: 2026-01-27
    Affects: All supported versions of FreeBSD.
    Corrected: 2025-12-15 10:37:54 UTC (stable/15, 15.0-STABLE)
               2026-01-27 19:15:47 UTC (releng/15.0, 15.0-RELEASE-p2)
               2025-12-15 10:42:28 UTC (stable/14, 14.3-STABLE)
               2026-01-27 19:16:12 UTC (releng/14.3, 14.3-RELEASE-p8)
               2026-01-26 15:18:32 UTC (stable/13, 13.4-STABLE)
               2026-01-27 19:16:34 UTC (releng/13.5, 13.5-RELEASE-p9)

    My notes use this Errata Notice as an example. But all 3 of the Errata
    Notices and the 2 Security Advisories released today look to have
    similar points relative to pkgbase-based FreeBSD OS installations.


    For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security
    branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>.

    I. Background

    The mmap(2) system call allows applications and system libraries to allocate heap memory using the MAP_ANON flag. The system call allocates virtual memory
    in the calling thread's address space and physical memory is allocated on demand as page faults occur. Memory allocated this way is guaranteed to be zero-filled.

    II. Problem Description

    Under some conditions, the physical pages allocated and mapped by the kernel may not be zero-filled.

    III. Impact

    This bug has been observed to cause process crashes.

    IV. Workaround

    No workaround is available.

    V. Solution

    Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.

    Perform one of the following:

    1) To update your system via a binary patch:

    The below freebsd-update use is inappropriate for pkgbase based
    installations of the 15.0 variants.

    [I'm unsure of intended coverage of 14.3's non-re@-pkgbase-use based
    systems but (1) does not apply there either.]


    Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms, or the i386 platform on FreeBSD 13, can be updated via the freebsd-update(8) utility:

    # freebsd-update fetch
    # freebsd-update install
    # shutdown -r now

    2) To update your system via a source code patch:

    The below source-based steps are inappropriate for pkgbase based
    installations of the 15.0 variants.

    [I'm unsure of intended coverage of 14.3's non-re@-pkgbase-use based
    systems but (2) does not correctly apply there either.]


    The following patches have been verified to apply to the applicable
    FreeBSD release branches.

    a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

    [FreeBSD 15.0]
    # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-15.patch
    # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-15.patch.asc
    # gpg --verify vm-15.patch.asc

    [FreeBSD 14.3]
    # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-14.patch
    # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-14.patch.asc
    # gpg --verify vm-14.patch.asc

    [FreeBSD 13.5]
    # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-13.patch
    # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-13.patch.asc
    # gpg --verify vm-13.patch.asc

    b) Apply the patch. Execute the following commands as root:

    # cd /usr/src
    # patch < /path/to/patch

    c) Recompile your kernel as described in <URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the system.

    There is no section for --or mention of-- pkgbase or of use of
    pkg/pkg-static commands for updating at all.

    (Such would not apply to any 13.5 variant.)


    VI. Correction details

    This issue is corrected as of the corresponding Git commit hash in the following stable and release branches:

    Branch/path                             Hash                     Revision
    -------------------------------------------------------------------------
    stable/15/                              3c0942f99209    stable/15-n281508
    releng/15.0/                            6e279feb40be  releng/15.0-n281002
    stable/14/                              99f641267d44    stable/14-n272998
    releng/14.3/                            de311ee39b3f  releng/14.3-n271457
    stable/13/                              babac9d7bc05    stable/13-n259725
    releng/13.5/                            4967e14ba25b  releng/13.5-n259188
    -------------------------------------------------------------------------

    Run the following command to see which files were modified by a
    particular commit:

    # git show --stat <commit hash>

    Or visit the following URL, replacing NNNNNN with the hash:

    <URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

    To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run:

    # git rev-list --count --first-parent HEAD

    VII. References

    The latest revision of this advisory is available at <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-26:03.vm.asc>


    --
    ===
    Mark Millard
    marklmi at yahoo.com
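
    Added example, not part of the original post or of the FreeBSD notice: the notice's fix levels are the same whichever update mechanism is used, so one way to check a host is to compare its kernel version string (as printed by freebsd-version -k or -r) or its source-tree commit count against the "Corrected" and "Correction details" values quoted above. The function names and sample inputs are hypothetical; the patch levels and nNNNNNN counts are copied from the notice.

```shell
#!/bin/sh
# Added example: compare a version string or commit count with the
# EN-26:03.vm fix levels quoted in the notice. Function names are hypothetical.

# release_fixed VERSION   e.g. release_fixed 14.3-RELEASE-p8
# returns 0 = at or past the corrected patch level, 1 = older,
#         2 = release line not listed in the notice (or unparsable).
release_fixed() {
    ver=$1
    case $ver in
        15.0-RELEASE*) need=2 ;;
        14.3-RELEASE*) need=8 ;;
        13.5-RELEASE*) need=9 ;;
        *) return 2 ;;
    esac
    case $ver in
        *-RELEASE-p*) have=${ver##*-p} ;;   # text after the last "-p"
        *)            have=0 ;;             # unpatched RELEASE
    esac
    case $have in ''|*[!0-9]*) return 2 ;; esac
    [ "$have" -ge "$need" ]
}

# branch_fixed BRANCH COUNT, where COUNT is the output of
#   git rev-list --count --first-parent HEAD
# Same return codes as release_fixed.
branch_fixed() {
    case $1 in
        stable/15)   need=281508 ;;
        releng/15.0) need=281002 ;;
        stable/14)   need=272998 ;;
        releng/14.3) need=271457 ;;
        stable/13)   need=259725 ;;
        releng/13.5) need=259188 ;;
        *) return 2 ;;
    esac
    case $2 in ''|*[!0-9]*) return 2 ;; esac
    [ "$2" -ge "$need" ]
}

# Constructed sample inputs (not taken from a real host).
for v in 15.0-RELEASE-p1 14.3-RELEASE-p8 13.5-RELEASE; do
    if release_fixed "$v"; then echo "$v: includes the fix"
    else echo "$v: older than the corrected patch level"; fi
done
```

    The module affected is vm, so the version that matters is the kernel's; a patched kernel takes effect only after the reboot.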

