← Back

CVE-2026-49412

nvd nist
Published: Jun 27, 2026Modified: Jul 1, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The kernel handler for IPV6_MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory. An unprivileged local user can exploit this use-after-free to escalate privileges.

Affected (31)

Products: Freebsd: Freebsd
1 product
Freebsd
Configuration A
31 vulnerable
Vulnerable SoftwareAffected Versions
Freebsd
Version 14.3
Version 14.3 p10
Version 14.3 p11
Version 14.3 p12
Version 14.3 p13
Version 14.3 p14
Version 14.3 p1
Version 14.3 p2
Version 14.3 p3
Version 14.3 p4
Version 14.3 p5
Version 14.3 p6
Version 14.3 p7
Version 14.3 p8
Version 14.3 p9
Version 14.4
Version 14.4 p1
Version 14.4 p2
Version 14.4 p3
Version 14.4 p4
Version 14.4 p5
Version 15.0
Version 15.0 p1
Version 15.0 p2
Version 15.0 p3
Version 15.0 p4
Version 15.0 p5
Version 15.0 p6
Version 15.0 p7
Version 15.0 p8
Version 15.0 p9

References (1)

Timeline

No history available yet.