Date: Tue, 27 Jan 2026 15:56:50 -0800
List-Archive: https://lists.freebsd.org/archives/freebsd-security
Subject: Re: FreeBSD Errata Notice FreeBSD-EN-26:03.vm [and other notices/advisories from today: pkgbase instructions?]
To: freebsd-stable@freebsd.org, freebsd-security@freebsd.org
From: Mark Millard

On 1/27/26 14:28, FreeBSD Errata Notices wrote:
> =============================================================================
> FreeBSD-EN-26:03.vm                                            Errata Notice
>                                                          The FreeBSD Project
>
> Topic:          The page fault handler fails to zero memory
>
> Category:       core
> Module:         vm
> Announced:      2026-01-27
> Affects:        All supported versions of FreeBSD.
> Corrected:      2025-12-15 10:37:54 UTC (stable/15, 15.0-STABLE)
>                 2026-01-27 19:15:47 UTC (releng/15.0, 15.0-RELEASE-p2)
>                 2025-12-15 10:42:28 UTC (stable/14, 14.3-STABLE)
>                 2026-01-27 19:16:12 UTC (releng/14.3, 14.3-RELEASE-p8)
>                 2026-01-26 15:18:32 UTC (stable/13, 13.4-STABLE)
>                 2026-01-27 19:16:34 UTC (releng/13.5, 13.5-RELEASE-p9)

My notes use this Errata Notice as an example. But all 3 of the
Errata Notices and the 2 Security Advisories released today look
to have similar points relative to pkgbase-based FreeBSD OS
installations.

>
> For general information regarding FreeBSD Errata Notices and Security
> Advisories, including descriptions of the fields above, security
> branches, and the following sections, please visit
> .
>
> I. Background
>
> The mmap(2) system call allows applications and system libraries to allocate
> heap memory using the MAP_ANON flag. The system call allocates virtual memory
> in the calling thread's address space and physical memory is allocated on
> demand as page faults occur. Memory allocated this way is guaranteed to be
> zero-filled.
>
> II. Problem Description
>
> Under some conditions, the physical pages allocated and mapped by the kernel
> may not be zero-filled.
>
> III. Impact
>
> This bug has been observed to cause process crashes.
>
> IV. Workaround
>
> No workaround is available.
>
> V. Solution
>
> Upgrade your system to a supported FreeBSD stable or release / security
> branch (releng) dated after the correction date.
>
> Perform one of the following:
>
> 1) To update your system via a binary patch:

The below freebsd-update use is inappropriate for pkgbase based
installations of the 15.0 variants. [I'm unsure of intended
coverage of 14.3's non-re@-pkgbase-use based systems but (1)
does not apply there either.]

>
> Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms,
> or the i386 platform on FreeBSD 13, can be updated via the freebsd-update(8)
> utility:
>
> # freebsd-update fetch
> # freebsd-update install
> # shutdown -r now
>
> 2) To update your system via a source code patch:

The below source-based steps are inappropriate for pkgbase based
installations of the 15.0 variants. [I'm unsure of intended
coverage of 14.3's non-re@-pkgbase-use based systems but (2)
does not correctly apply there either.]

>
> The following patches have been verified to apply to the applicable
> FreeBSD release branches.
>
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
>
> [FreeBSD 15.0]
> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-15.patch
> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-15.patch.asc
> # gpg --verify vm-15.patch.asc
>
> [FreeBSD 14.3]
> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-14.patch
> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-14.patch.asc
> # gpg --verify vm-14.patch.asc
>
> [FreeBSD 13.5]
> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-13.patch
> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-13.patch.asc
> # gpg --verify vm-13.patch.asc
>
> b) Apply the patch. Execute the following commands as root:
>
> # cd /usr/src
> # patch < /path/to/patch
>
> c) Recompile your kernel as described in
> and reboot the
> system.

There is no section for --or mention of-- pkgbase or of use of
pkg/pkg-static commands for updating at all. (Such would not
apply to any 13.5 variant.)

>
> VI. Correction details
>
> This issue is corrected as of the corresponding Git commit hash in the
> following stable and release branches:
>
> Branch/path                             Hash                     Revision
> -------------------------------------------------------------------------
> stable/15/                              3c0942f99209    stable/15-n281508
> releng/15.0/                            6e279feb40be  releng/15.0-n281002
> stable/14/                              99f641267d44    stable/14-n272998
> releng/14.3/                            de311ee39b3f  releng/14.3-n271457
> stable/13/                              babac9d7bc05    stable/13-n259725
> releng/13.5/                            4967e14ba25b  releng/13.5-n259188
> -------------------------------------------------------------------------
>
> Run the following command to see which files were modified by a
> particular commit:
>
> # git show --stat
>
> Or visit the following URL, replacing NNNNNN with the hash:
>
>
>
> To determine the commit count in a working tree (for comparison against
> nNNNNNN in the table above), run:
>
> # git rev-list --count --first-parent HEAD
>
> VII. References
>
> The latest revision of this advisory is available at
>
>

--
===
Mark Millard
marklmi at yahoo.com
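
Added example, not part of the original message and not FreeBSD project tooling: a POSIX sh check that classifies a kernel against the patch levels and stable-branch commit counts quoted in the notice above, whatever update method installed it. The function name `en2603_status` is hypothetical, and the `uname -v` ident layout (`stable/NN-nCOUNT-hash`) is an assumption.

```shell
#!/bin/sh
# Thresholds below are copied from the "Corrected" and "Correction details"
# sections of FreeBSD-EN-26:03.vm as quoted in this message.

# en2603_status VERSION [IDENT]
#   VERSION: a string such as `freebsd-version -r` prints (running kernel)
#   IDENT:   a string such as `uname -v` prints; used only for -STABLE
# Prints one of: fixed, unfixed, unknown
en2603_status() {
    ver=$1 ident=${2:-}
    case $ver in
    *-RELEASE*)
        rel=${ver%%-*}                       # e.g. "15.0"
        case $ver in
            *-p[0-9]*) plevel=${ver##*-p} ;;
            *)         plevel=0 ;;           # no -pN suffix means p0
        esac
        case $plevel in ''|*[!0-9]*) echo unknown; return 0 ;; esac
        case $rel in
            15.0) need=2 ;;
            14.3) need=8 ;;
            13.5) need=9 ;;
            *) echo unknown; return 0 ;;     # release not in the notice
        esac
        if [ "$plevel" -ge "$need" ]; then echo fixed; else echo unfixed; fi
        ;;
    *-STABLE*)
        case $ver in
            15.*) branch=stable/15 need=281508 ;;
            14.*) branch=stable/14 need=272998 ;;
            13.*) branch=stable/13 need=259725 ;;
            *) echo unknown; return 0 ;;
        esac
        # Assumed ident layout: "... stable/15-n281508-3c0942f99209 ..."
        count=$(printf '%s\n' "$ident" |
            sed -n "s|.*$branch-n\([0-9][0-9]*\).*|\1|p")
        [ -n "$count" ] || { echo unknown; return 0; }
        if [ "$count" -ge "$need" ]; then echo fixed; else echo unfixed; fi
        ;;
    *) echo unknown ;;
    esac
}

# Live check, only where freebsd-version(1) exists.
if command -v freebsd-version >/dev/null 2>&1; then
    en2603_status "$(freebsd-version -r)" "$(uname -v)"
fi
```

A result of `unknown` for a -STABLE kernel means the ident string carried no commit count; the `git rev-list --count --first-parent HEAD` comparison from the notice is then the fallback.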