πŸ” CVE Alert

CVE-2026-49412

UNKNOWN 0.0

Use-after-free bug in the IPV6_MSFILTER socket option handler

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

The kernel handler for IPV6_MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory. An unprivileged local user can exploit this use-after-free to escalate privileges.
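
The lock-drop window described above, modelled in userspace C as an added example (not FreeBSD's code and not the advisory's patch). The static pool, the `msf` struct, the `race` callback standing in for the second thread, and both function names are assumptions made for the illustration; the checked variant shows one common remediation pattern, not necessarily the fix FreeBSD shipped.

```c
/* Userspace model (constructed): a static pool stands in for kernel memory,
 * so a write to a "freed" slot is well-defined here and can be observed. */
#include <errno.h>
#include <pthread.h>
#include <string.h>

struct msf { int in_use; int nsrc; int src[4]; };

static struct msf pool[1];                     /* one filter slot */
static pthread_mutex_t lk = PTHREAD_MUTEX_INITIALIZER;

static void msf_alloc(void) { pool[0].in_use = 1; pool[0].nsrc = 0; }
static void msf_free(void)  { pool[0].in_use = 0; }

/* Runs while the lock is dropped; models what another thread may do. */
typedef void (*race_fn)(void);

/* Flawed pattern: the pointer found before the unlock is reused after it. */
int set_filter_stale(const int *usrc, int n, race_fn race)
{
    int tmp[4];
    pthread_mutex_lock(&lk);
    struct msf *f = pool[0].in_use ? &pool[0] : NULL;
    if (f == NULL || n < 0 || n > 4) { pthread_mutex_unlock(&lk); return EINVAL; }
    pthread_mutex_unlock(&lk);                 /* dropped for the copy-in */
    memcpy(tmp, usrc, (size_t)n * sizeof(int));
    if (race) race();
    pthread_mutex_lock(&lk);
    memcpy(f->src, tmp, (size_t)n * sizeof(int)); /* f may no longer be live */
    f->nsrc = n;
    pthread_mutex_unlock(&lk);
    return 0;
}

/* Hardened pattern: copy in first, then look up and use under one lock hold. */
int set_filter_checked(const int *usrc, int n, race_fn race)
{
    int tmp[4];
    if (n < 0 || n > 4) return EINVAL;
    memcpy(tmp, usrc, (size_t)n * sizeof(int)); /* no lock held, nothing cached */
    if (race) race();
    pthread_mutex_lock(&lk);
    if (!pool[0].in_use) { pthread_mutex_unlock(&lk); return ENOENT; }
    memcpy(pool[0].src, tmp, (size_t)n * sizeof(int));
    pool[0].nsrc = n;
    pthread_mutex_unlock(&lk);
    return 0;
}
```

In the model, the stale variant reports success while writing into a slot that was released during the copy-in; the checked variant returns `ENOENT` and leaves the slot untouched.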

CWE: CWE-416
Vendor: freebsd
Product: freebsd
Published: Jun 27, 2026

Affected Versions

FreeBSD / FreeBSD
15.0-RELEASE < p10
14.4-RELEASE < p6
14.3-RELEASE < p15

References

security.freebsd.org: https://security.freebsd.org/advisories/FreeBSD-SA-26:29.ip6_multicast.asc

Credits

Andrew Griffiths at Calif.io
Maik Münch