Use-after-free in FreeBSD - CVE-2026-49418
Published: July 1, 2026
FreeBSD
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges.
The vulnerability exists due to a use-after-free in the device pager page list, which occurs when msync(MS_INVALIDATE) is called on a mapping of an unmanaged device object and a subsequent page fault is then triggered. A local user can access a device that provides memory-mapped I/O and trigger the flaw to escalate privileges.
Exploitation is limited to systems where the user can access a device that provides memory-mapped I/O.