FreeBSD 11.3-RELEASE Errata

The FreeBSD Project

FreeBSD is a registered trademark of the FreeBSD Foundation.

Intel, Celeron, Centrino, Core, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

SPARC, SPARC64, and UltraSPARC are trademarks of SPARC International, Inc in the United States and other countries. SPARC International, Inc owns all of the SPARC trademarks and under licensing agreements allows the proper use of these trademarks by its members.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this document, and the FreeBSD Project was aware of the trademark claim, the designations have been followed by the or the ® symbol.

Last modified on 2020-01-28 15:56:41 EST by gjb.

This document lists errata items for FreeBSD 11.3-RELEASE, containing significant information discovered after the release or too late in the release cycle to be otherwise included in the release documentation. This information includes security advisories, as well as news relating to the software or documentation that could affect its operation or usability. An up-to-date version of this document should always be consulted before installing this version of FreeBSD.

This errata document for FreeBSD 11.3-RELEASE will be maintained until the release of FreeBSD 11.4-STABLE (if applicable).

Table of Contents
1. Introduction
2. Security Advisories
3. Errata Notices
4. Open Issues
5. Late-Breaking News

1. Introduction

This errata document contains late-breaking news about FreeBSD 11.3-RELEASE. Before installing this version, it is important to consult this document to learn about any post-release discoveries or problems that may already have been found and fixed.

Any version of this errata document actually distributed with the release (for example, on a CDROM distribution) will be out of date by definition, but other copies are kept updated on the Internet and should be consulted as the current errata for this release. These other copies of the errata are located at, plus any sites which keep up-to-date mirrors of this location.

Source and binary snapshots of FreeBSD 11.4-STABLE also contain up-to-date copies of this document (as of the time of the snapshot).

For a list of all FreeBSD CERT security advisories, see

2. Security Advisories

FreeBSD-SA-19:12.telnet24 July 2019

Multiple vulnerabilities

FreeBSD-SA-19:13.pts24 July 2019

Write-after-free vulnerability

FreeBSD-SA-19:14.freebsd3224 July 2019

Kernel memory disclosure

FreeBSD-SA-19:15.mqueuefs24 July 2019

Reference count overflow

FreeBSD-SA-19:16.bhyve24 July 2019

xhci(4) out-of-bounds read

FreeBSD-SA-19:17.fd24 July 2019

Reference count leak

FreeBSD-SA-19:18.bzip26 August 2019

Multiple vulnerabilities

FreeBSD-SA-19:19.mldv26 August 2019

Out-of-bounds memory access

FreeBSD-SA-19:20.bsnmp6 August 2019

Insufficient message length validation

FreeBSD-SA-19:21.bhyve6 August 2019

Insufficient validation of guest-supplied data

FreeBSD-SA-19:22.mbuf20 August 2019

IPv6 remove denial-of-service

FreeBSD-SA-19:23.midi20 August 2019

Kernel memory disclosure

FreeBSD-SA-19:24.mqueuefs20 August 2019

Reference count overflow

FreeBSD-SA-19:25.mcepce12 November 2019

Machine Check Exception on Page Size Change

FreeBSD-SA-19:26.mcu12 November 2019

Intel CPU Microcode Update

FreeBSD-SA-20:01.libfetch28 January 2020

fetch(3) buffer overflow

FreeBSD-SA-20:03.thrmisc28 January 2020

Kernel stack data disclosure

FreeBSD-SA-20:04.tcp18 March 2020

TCP IPv6 SYN cache kernel information disclosure

FreeBSD-SA-20:05.if_oce_ioctl18 March 2020

Insufficient ioctl(2) privilege checking

FreeBSD-SA-20:07.epair18 March 2020

Incorrect user-controlled pointer use

FreeBSD-SA-20:08.jail18 March 2020

Kernel memory disclosure with nested jails

FreeBSD-SA-20:09.ntp18 March 2020

Multiple denial of service

FreeBSD-SA-20:10.ipfw21 April 2020

Invalid mbuf(9) handling

FreeBSD-SA-20:12.libalias12 May 2020

Insufficient packet length validation

FreeBSD-SA-20:13.libalias12 May 2020

Memory disclosure vulnerability

FreeBSD-SA-20:14.sctp12 May 2020

Improper checking in shared key update

FreeBSD-SA-20:14.cryptodev12 May 2020

Use-after-free condition

3. Errata Notices

FreeBSD-EN-19:13.mds24 July 2019

System crash from Intel CPU vulnerability mitigation

FreeBSD-EN-19:15.libunwind6 August 2019

Incorrect exception handling

FreeBSD-EN-19:16.bhyve20 August 2019

Instruction emulation improvements

FreeBSD-EN-19:17.ipfw20 August 2019

"jail" keyword fix

FreeBSD-EN-19:18.tzdata23 October 2019

Timezone database information update

FreeBSD-EN-20:01.ssp28 January 2020

Imprecise orderring of canary initialization

FreeBSD-EN-20:02.nmount28 January 2020

Invalid pointer dereference

FreeBSD-EN-20:04.pfctl18 March 2020

Missing pfctl(8) tunable

FreeBSD-EN-20:06.ipv618 March 2020

Incorrect checksum calculations

FreeBSD-EN-20:07.quotad21 April 2020

Regression with certain NFS servers

FreeBSD-EN-20:08.tzdata12 May 2020

Timezone database update

FreeBSD-EN-20:10.build12 May 2020

Incorrect build host clang version detection

4. Open Issues

  • [2019-07-04] An issue which can cause a crash when connecting to a bhyve(4) instance with a VNC client under certain circumstances had been reported. An errata notice is planned post-release.

  • [2019-07-04] An issue booting bhyve(4) virtual machines compiled with clang(1) version 8.0.0 or later had been reported late in the release cycle. An errata notice is planned post-release.

    This issue is believed to only affect OpenBSD virtual machines compiled with clang(1).

  • [2019-07-04] An issue when upgrading from FreeBSD 11.3 to FreeBSD 12.0 (which occurred earlier in time, comparatively), had been reported where the com.delphix:spacemap_v2 zpool(8) feature does not exist on FreeBSD 12.0, will fail to import the ZFS pool.

    At this time, it is advised to defer migrating from FreeBSD 11.3 to FreeBSD 12.x until FreeBSD 12.1 is available.

    Upgrading from earlier FreeBSD 11.x releases to FreeBSD 12.0 are believed to be unaffected.

5. Late-Breaking News

  • [2019-12-06] An issue has been reported with the FreeBSD 11.3-RELEASE images on the Google Compute Engine platform which causes virtual machines to fail to start properly.

    While we intend to investigate how to handle similar situations should they arise in the future, updated images will not be provided as of this time.

    Users wanting to use FreeBSD in Google Compute Engine are advised to use 12.0-RELEASE or 12.1-RELEASE, or for those who wish to track 11.X, the freebsd-11-3-stable-amd64-v20190801 snapshot from stable/11 has been reported to work correctly.

    More details can be found in PR 242303.

This file, and other release-related documents, can be downloaded from

For questions about FreeBSD, read the documentation before contacting <>.

All users of FreeBSD 11.4-STABLE should subscribe to the <> mailing list.

For questions about this documentation, e-mail <>.