FreeBSD Weekly Review: May 19–25, 2026

This past week was one of the most eventful for FreeBSD in recent memory: six security advisories dropped simultaneously, FreeBSD 15.1 hit release candidate status, and the FreeBSD Foundation’s executive director went public about daily-driving FreeBSD on a laptop.

FreeBSD 15.1-RC1 Released

On May 22, Colin Percival announced FreeBSD 15.1-RC1 — the first and likely only release candidate before the planned final release in early June. RC1 is available for amd64, powerpc64, powerpc64le, armv7, aarch64 (including RPI, PINE64, PINEBOOK, ROCK64, ROCKPRO64), and riscv64.

Changes since Beta 3 include:

  • The six new security advisories SA-26:18 through SA-26:24 (see below)
  • Improvements to fwget(8) for automatically identifying necessary firmware for more Wi-Fi cards
  • EC2 “small” instances no longer run firstboot_pkgs by default
  • freebsd-update no longer prompts to merge changes to /etc/ssl/cert.pem
  • Various kernel bug fixes and man page updates

The full set of installation images, VM images (QCOW2, VHD, VMDK, raw), OCI container images, and EC2 AMI images are available on the usual download mirrors.

Security Advisory Blitz: Six Advisories at Once

On May 20, the FreeBSD Security Team released six security advisories simultaneously — several of which were discovered through AI-driven vulnerability research.

SA-26:18.setcred — Stack Buffer Overflow (CVE-2026-45250, Critical)

The most severe vulnerability of the week. A sizeof type error in kern_setcred_copyin_supp_groups() (sys/kern/kern_prot.c) causes a kernel stack buffer overflow in the setcred(2) system call. The bug: sizeof(*groups) evaluates to 8 bytes (pointer size) instead of the intended 4 bytes (sizeof(gid_t)). An unprivileged local user can exploit this to escalate to root — even on systems with SMAP/SMEP enabled. The vulnerability was disclosed by Przemyslaw Frasunek under the name “FatGid” and affects FreeBSD 14.3, 14.4, and 15.0.

Fixed in: 14.3-RELEASE-p14, 14.4-RELEASE-p5, 15.0-RELEASE-p9. FreeBSD 13.x and earlier are unaffected (the setcred(2) syscall doesn’t exist there).
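The sizeof mix-up described above, reduced to a user-space illustration of the bug class. This is an added example, not FreeBSD kernel code: ex_gid_t, EX_NGROUPS and the three functions are hypothetical names, and the 16-entry buffer is a constructed size.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint32_t ex_gid_t;   /* stand-in for a 4-byte gid_t (assumption) */
#define EX_NGROUPS 16        /* constructed capacity of the fixed buffer */

/* Buggy: groups is a pointer to a pointer, so sizeof(*groups) is the size
 * of a pointer (8 on LP64), not the size of one group ID. */
size_t copy_len_buggy(ex_gid_t **groups, size_t count)
{
    return count * sizeof(*groups);
}

/* Corrected: sizeof(**groups) names the element type. */
size_t copy_len_fixed(ex_gid_t **groups, size_t count)
{
    return count * sizeof(**groups);
}

/* Hardened copy: bound the element count by the destination capacity and
 * derive the byte length from the destination's own element type. */
int copy_groups_checked(ex_gid_t *dst, size_t dst_cap,
                        const ex_gid_t *src, size_t count)
{
    if (count > dst_cap)
        return EINVAL;
    if (count > SIZE_MAX / sizeof(*dst))
        return EOVERFLOW;
    memcpy(dst, src, count * sizeof(*dst));
    return 0;
}

int main(void)
{
    ex_gid_t buf[EX_NGROUPS];
    ex_gid_t *p = buf;

    printf("buffer: %zu bytes, buggy length: %zu, fixed length: %zu\n",
           sizeof(buf), copy_len_buggy(&p, EX_NGROUPS),
           copy_len_fixed(&p, EX_NGROUPS));
    return 0;
}
```

On a 64-bit build the buggy length is twice the size of the buffer it is meant to fill, which is why deriving the length from the destination (sizeof(*dst)) is the safer habit.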

SA-26:19.file — Kernel Use-After-Free

A file descriptor system call flaw can lead to a kernel use-after-free condition. Discovered by Calif.io (AI-driven vulnerability discovery).

SA-26:20.fusefs — Heap Overflow in FUSE_LISTXATTR

The kernel processes extended attribute lists from userspace FUSE daemons without verifying proper NUL termination, potentially allowing a malicious FUSE daemon to trigger a heap overflow. Discovered by the AISLE Research Team (autonomous vulnerability discovery).
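The kind of check the advisory says was missing, as an added user-space example (not the fusefs code): walk a buffer of NUL-terminated attribute names using only bounded searches and reject a list whose last name is unterminated. The function name, the sample bytes and the rejection of empty names are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: two names, "user.a" and "user.b", each followed by
 * a NUL. sizeof(ex_list) is 14 and includes the final terminator. */
static const char ex_list[] = "user.a\0user.b";

/* Returns the number of names in buf[0..len), or -1 if the list is
 * malformed. Never reads past buf + len. */
long xattr_list_count(const char *buf, size_t len)
{
    long names = 0;
    size_t off = 0;

    while (off < len) {
        /* Bounded search: memchr() stops at the end of the buffer,
         * unlike strlen(), which trusts a terminator to exist. */
        const char *nul = memchr(buf + off, '\0', len - off);
        if (nul == NULL)
            return -1;                 /* last name is unterminated */

        size_t name_len = (size_t)(nul - (buf + off));
        if (name_len == 0)
            return -1;                 /* empty name (policy of this example) */

        off += name_len + 1;           /* skip the name and its NUL */
        names++;
    }
    return names;
}

int main(void)
{
    printf("well-formed: %ld\n", xattr_list_count(ex_list, sizeof(ex_list)));
    printf("truncated:   %ld\n", xattr_list_count(ex_list, sizeof(ex_list) - 1));
    return 0;
}
```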

SA-26:21.ptrace — Missing Validation in ptrace(PT_SC_REMOTE)

Missing input validation allows unprivileged local users to escalate privileges to root. Discovered using GLM-5.1 by Z.ai.

SA-26:22.libcasper — select(2) File Descriptor Set Overflow Causes Stack Overflow

An overflow of the file descriptor set in select(2) within libcasper leads to a stack overflow. Discovered by the AISLE Research Team.

SA-26:23.bsdinstall — Remote Code Execution via Installer Wi-Fi Scans

A specially crafted network name (SSID) can trigger arbitrary command execution via sub-shell during Wi-Fi access point scanning in bsdinstall and bsdconfig. Practically relevant when installing in Wi-Fi environments.

SA-26:24.cap_net — Incorrect Permission List Manipulation

Faulty manipulation of limitation lists in libcap_net can extend a process’s permissions beyond what was intended. Discovered by the AISLE Research Team.

Takeaway: What’s notable is that several of these vulnerabilities were discovered through AI-based tools (Calif.io, GLM-5.1, AISLE Research Team). This marks a turning point in OS security auditing — AI-driven discovery is now producing real, exploitable findings.

FreeBSD 15.1 Beta 3 (May 17)

The third beta of FreeBSD 15.1, released the previous weekend, brought important updates:

  • OpenZFS 2.4.2 was integrated (bug fixes and improvements)
  • Cloud images now run pkg upgrade on first boot to apply security updates
  • Kerberos was updated
  • Scripted bsdinstall installations now use pkgbase
  • The planned KDE desktop installation option was deferred to FreeBSD 15.2, as the script still needs adaptation for new NVIDIA drivers and removal of obsolete components

FreeBSD Foundation ED Daily-Drives FreeBSD on Laptop

Deb Goodkin, Executive Director of the FreeBSD Foundation since 2005, presented at the Open Source Summit North America (OSS 2026) in Minneapolis about her experience daily-driving FreeBSD on a Framework Laptop. Previously, every attempt to run FreeBSD on laptops “felt like a mountain” — time-consuming and ultimately getting stuck. With the KDE desktop, the touchscreen “just worked,” as did peripherals like a wireless mouse. Challenges remained: Zoom required effort to get working, the webcam needed manual steps to enable, and Microsoft Teams only partially worked. An encouraging sign, but also an honest assessment of the remaining gaps in desktop support.

Community and Blog Posts

Per-Jail Package Repository Selection (Ian Wagner)

Ian Wagner published a helpful blog post on configuring different package repositories per jail under FreeBSD. Using AppJail for declarative jail management, the post demonstrates how to switch specific jails to the latest ports branch when newer packages are needed while others remain on quarterly.

FreeBSD Resource Monitoring, Accounting, and Troubleshooting (Larvitz Blog)

A thorough guide on resource monitoring and troubleshooting on FreeBSD systems — from “the server feels slow” to concrete diagnostic tools and techniques.

Ubuntu 16.04 to FreeBSD Migration

A blog that ran on Ubuntu 16.04 for 10 years reported on its migration to FreeBSD, motivated by Ubuntu 16.04’s end-of-life and the promise of long-term stability.

Valuable News — May 18 (vermaden)

The weekly link roundup from vermaden offers its usual comprehensive overview of BSD and UNIX-related articles.

Mailing List Discussions

pkgbase Upgrade from 15.0 to 15.1

Discussions around the pkgbase upgrade path from 15.0-RELEASE to 15.1-BETA2 reveal that the transition to the new default installation method isn’t entirely smooth yet. Issues with kernel modules (kmods) and the pkgbase-quarterly repos were extensively discussed.

Boot-Time Bugs on freebsd-stable

Garrett Wollman reported issues with booting his server fleet, sparking a discussion about boot-time behavior and error handling.

Diskless Systems on 15.1

Daniel Braniss and Bjoern Zeeb discussed problems with diskless setups under FreeBSD 15.1 that can cause hangs during boot.

Looking Ahead

If all goes according to plan, FreeBSD 15.1-RELEASE is expected around June 2, 2026. The KDE desktop installation option has been deferred to FreeBSD 15.2 (expected December 2026). Until then, manual installation via pkg remains the recommended approach for a KDE desktop on FreeBSD.
