FreeBSD: Local Privilege Escalation via execve()

6 hours ago
  • #privilege-escalation
  • #security-advisory
  • #buffer-overflow
  • FreeBSD security advisory SA-26:13 addresses a local privilege escalation vulnerability via the execve() system call.
  • An operator precedence bug in the kernel causes a buffer overflow, allowing attacker-controlled data to overwrite adjacent execve(2) argument buffers.
  • This vulnerability (CVE-2026-7270) affects all supported versions of FreeBSD and may enable unprivileged users to gain superuser privileges.
  • No workaround is available; the fix is to upgrade via pkg or freebsd-update, or to apply the source code patches, and then reboot.
  • Correction details include specific Git commit hashes for stable and release branches, with patches verified and provided via FreeBSD security channels.