CVE-2018-17154

A local DoS due to insufficient validation of syscall arguments in the compat syscall freebsd4_getfsstat. This issue affected FreeBSD 11.1 and 11.2. It was announced on 2018-09-27 and assigned CVE-2018-17154.

Description

An unprivileged local user can cause a DoS because the implementation of syscall freebsd4_getfsstat (syscall number 18) does not sanitize a user-provided buffer size. If this buffer size is set to a huge value, this leads to a kernel panic. In the cleanup of this syscall a buffer is freed; however, the pointer to be freed is NULL, and this is not checked.

I found this issue with a very minimal custom syscall fuzzer. This issue was not found by tools like Syzkaller because there was no syscall definition in Syzkaller.
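
The following userland C model shows the two checks the description above says were missing: bounding the caller-supplied size before allocating, and guarding the cleanup path against a NULL buffer. It is an added illustration, not the FreeBSD kernel source or the actual fix; `struct fs_record`, `MAX_MOUNTS`, `release_buf` and `getfsstat_model` are hypothetical names, and sizing the allocation by the mounted count is an assumption about one reasonable policy.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed stand-ins for illustration, not FreeBSD definitions. */
struct fs_record { char name[88]; uint64_t blocks; };
#define MAX_MOUNTS 4096u   /* assumed sanity ceiling on mounted filesystems */

static unsigned null_releases;  /* counts cleanup attempts on a NULL buffer */

/* Models a release routine that must never be handed NULL. */
static void release_buf(struct fs_record *p) {
    if (p == NULL) { null_releases++; return; }
    free(p);
}

/*
 * Hardened handler model. bufsize is caller-controlled; mounted is the
 * number of records the system actually has. Returns 0 or an errno value
 * and stores the number of records produced in *out_count.
 */
int getfsstat_model(long bufsize, size_t mounted, size_t *out_count) {
    struct fs_record *buf = NULL;
    int error = 0;
    size_t count;

    *out_count = 0;
    if (bufsize < 0 || mounted > MAX_MOUNTS)
        return EINVAL;              /* reject before any allocation */

    /* Size the allocation by what will be written, not by the caller's claim. */
    count = (size_t)bufsize / sizeof(struct fs_record);
    if (count > mounted)
        count = mounted;
    if (count == 0)
        return 0;                   /* nothing to copy, nothing to free */

    buf = calloc(count, sizeof(*buf));
    if (buf == NULL) {
        error = ENOMEM;
        goto out;
    }
    *out_count = count;             /* records would be filled and copied out here */
out:
    if (buf != NULL)                /* cleanup only touches a real allocation */
        release_buf(buf);
    return error;
}
```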