FreeBSD The Power to Serve

FreeBSD 12.4-RELEASE Errata


This document lists errata items for FreeBSD 12.4-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.

This errata document for FreeBSD 12.4-RELEASE will be maintained until the FreeBSD 12.4-RELEASE end of life.


This errata document contains "late-breaking news" about FreeBSD 12.4-RELEASE. Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.

Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the "current errata" for this release. These other copies of the errata are located at, plus any sites which keep up-to-date mirrors of this location.

Source and binary snapshots of FreeBSD 12-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).

For a list of all FreeBSD CERT security advisories, see

Security Advisories

Advisory Date Topic


8 February 2023

GELI silently omits the keyfile if read from stdin


16 February 2023

OpenSSH pre-authentication double free


16 February 2023

Multiple vulnerabilities in OpenSSL


21 June 2023

Network authentication attack via pam_krb5


21 June 2023

ssh-add does not honor per-hop destination constraints


1 August 2023

Remote denial of service in IPv6 fragment reassembly


1 August 2023

Potential remote code execution via ssh-agent forwarding


1 August 2023

Network authentication attack via pam_krb5

6 September 2023

pf incorrectly handles multiple IPv6 fragment headers


6 September 2023

Wi-Fi encryption bypass


3 October 2023

msdosfs data disclosure


8 November 2023

libc stdio buffer overflow

5 December 2023

TCP spoofing vulnerability in pf(4)


19 December 2023

Prefix Truncation Attack in the SSH protocol

Errata Notices

Errata Date Topic


8 February 2023

Timezone database information update


8 February 2023

ixgbe incorrectly reports input errors for 82599ES


21 June 2023

Timezone database information update


21 June 2023

mpr(4) may fail to initialize devices


3 October 2023 (revised)

freebsd-update to 14.0 fails


3 October 2023

freebsd-update to 14.0 fails


8 November 2023

freebsd-update does not handle deep boot environments


8 November 2023

Incorrect regular expression escape handling


1 December 2023

OpenZFS data corruption

Open Issues

If upgrading from an earlier version of FreeBSD, sshd (from OpenSSH 9.1p1) will not accept new connections until it is restarted. After installing the new userland, either reboot (as specified in the source update procedure), or execute service sshd restart.

Late-Breaking News

No late-breaking news

Last modified on: December 20, 2023 by Philip Paeps