NAME:WRECK Vulnerability Status

On April 15th, 2021 the US Cyber Security & Infrastructure Security Agency released an alert about a set of nine vulnerabilities referred to as NAME:WRECK.

Full Announcement by Forescout Research Labs can be viewed from Forescout

Forescout Research Labs’ report states that FreeBSD 12.1 is vulnerable. FreeBSD patched this vulnerability and released a notice on 2020-09-02. FreeBSD Security Advisory : FreeBSD-SA-20:26.dhclient

The TrueNAS security errata for this patch is posted here .

The 12.x versions of TrueNAS are based on the 12.2 branch of FreeBSD.

iXsystems strongly recommend all users upgrade to the latest 12.0-U3 version. While 11.3-U5 is not vulnerable to NAME:WRECK, other FreeBSD errata have been made public since 11.3-U5’s release. Since the 11.x versions of TrueNAS are no longer undergoing active development, users should update to the 12.0-U3. You can download the latest version of TrueNAS from TrueNAS.com .

If you have a support contract with iXsystems and have further questions feel free to reach out to your Support representative.