vulnerability
FreeBSD: VID-6c96da5e-54b6-11f1-8d7a-bc241121aa0a (CVE-2026-45253): FreeBSD -- Missing validation in ptrace(PT_SC_REMOTE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | May 21, 2026 | May 21, 2026 | Jun 15, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
May 21, 2026
Added
May 21, 2026
Modified
Jun 15, 2026
Description
ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges.
The missing validation allows an unprivileged local user to escalate privileges, potentially gaining full control of the affected system.
The missing validation allows an unprivileged local user to escalate privileges, potentially gaining full control of the affected system.
Solutions
freebsd-upgrade-base-15_0-release-p9freebsd-upgrade-base-14_4-release-p5freebsd-upgrade-base-14_3-release-p14
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.