Maybe they're not up to snuff on yesterday? They published this yesterday.
> The bug was silently fixed in the main branch on 2025-11-27 (commit 000d5b52c19ff3858a6f0cbb405d47713c4267a4) as a side effect of a broader function refactoring. The fix has not been backported to stable/14 or releng/14.4. FreeBSD 14.4-RELEASE remains vulnerable.
> FreeBSD 15.0 still carries the sizeof(*groups) typo and is therefore vulnerable, but the surrounding code differs enough from 14.4 that the chain primitives developed here do not lift the overflow into a working LPE on that branch. On 15.0 the bug remains a kernel panic triggered by any unprivileged user.
Why not? This weird complaint has been happening since ~2010 and it has never made any sense. You are strictly better off with the website than without it. When it was vulnerability researchers getting all peevish about the status competition they were running, I at least understood where the complaint was coming from, but even among practitioners, branded vulnerabilities are so much the norm at this point that there's no status implication anymore.
Is there something in this website that feels unnecessary? It seems like a good format of sharing high quality information.
This looks like a full bug into a complete root escalation of a kernel. That's hard to do and deserving of praise. The fact that we have a writeup organized like this is awesome.
-------
This is sort of the expert level stuff that I thought HackerNews would most enjoy.
I would think that pure-storage NAS or network equipment
was effectively completely immune to local privilege escalation. I'll give you the NAS where it might be running untrusted containers or such, but that's it.
Not sure why this is saying it isn’t patched, they released the notice including fix for 14.4 yesterday?
Maybe they're not up to snuff on yesterday? They published this yesterday.
> The bug was silently fixed in the main branch on 2025-11-27 (commit 000d5b52c19ff3858a6f0cbb405d47713c4267a4) as a side effect of a broader function refactoring. The fix has not been backported to stable/14 or releng/14.4. FreeBSD 14.4-RELEASE remains vulnerable.
> FreeBSD 15.0 still carries the sizeof(*groups) typo and is therefore vulnerable, but the surrounding code differs enough from 14.4 that the chain primitives developed here do not lift the overflow into a working LPE on that branch. On 15.0 the bug remains a kernel panic triggered by any unprivileged user.
Why does this need to be a whole ass website
Why not? This weird complaint has been happening since ~2010 and it has never made any sense. You are strictly better off with the website than without it. When it was vulnerability researchers getting all peevish about the status competition they were running, I at least understood where the complaint was coming from, but even among practitioners, branded vulnerabilities are so much the norm at this point that there's no status implication anymore.
You're not going to get anywhere in the security sector unless you gain notoriety i.e. are noticed.
This appears to come from dressing up like Elton John in a feather suit and hiring a marketing team.
It's a wall of text about a kernel stack overflow. I'm not sure where the "Elton John" part is. Is it... that they used an accent color?
What?
Is there something in this website that feels unnecessary? It seems like a good format of sharing high quality information.
This looks like a full bug into a complete root escalation of a kernel. That's hard to do and deserving of praise. The fact that we have a writeup organized like this is awesome.
-------
This is sort of the expert level stuff that I thought HackerNews would most enjoy.
TrueNAS is on FreeBSD, as well as lots of network equipment. This does affect us more than we think as operators.
I would think that pure-storage NAS or network equipment was effectively completely immune to local privilege escalation. I'll give you the NAS where it might be running untrusted containers or such, but that's it.
Alas, TrueNAS actually switched to Linux a couple of years ago.
Possibly Playstation as well.