Since a few days, I see this warning: Checking for security vulnerabilities in base (userland & kernel): Database fetched: 2024-11-15T19:30+00:00 FreeBSD-kernel-14.1_5 is vulnerable: FreeBSD -- Unbounded allocation in ctl(4) CAM Target Layer CVE: CVE-2024-39281 WWW: https://vuxml.FreeBSD.org/freebsd/8caa5d60-a174-11ef-9a62-002590c1f29c.html
The corresponding SA (FreeBSD-SA-24:18.ctl) is from 2024-10-29. Since I install updates regularly, it should be applied already. Indeed: # freebsd-update fetch ... No updates needed to update system to 14.1-RELEASE-p6. # uname -a FreeBSD ... 14.1-RELEASE-p5 FreeBSD 14.1-RELEASE-p5 GENERIC amd64 What should I do in response to the warning?
signature.asc
Description: PGP signature
