Double free in FreeBSD - CVE-2026-49419


Published: July 1, 2026


Vulnerability identifier: #VU136006
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-49419
CWE-ID: CWE-415
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: FreeBSD Foundation
Affected software:
FreeBSD

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to a double free in kern_jail_set() and kern_jail_get() when handling the JAIL_AT_DESC flag and a failed jail descriptor lookup. A local user can trigger the affected system calls to escalate privileges.

On the jail host, exploitation will generally result in an immediate panic instead of privilege escalation. Privilege escalation may be possible when the user is running inside a jail.
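The bug class behind this advisory is an error-path ownership mistake: a helper that looks up a descriptor releases the reference when the lookup fails, and the caller's shared cleanup path releases it again. The following is an added, constructed C model of that pattern beside the single-owner fix; it is not FreeBSD's jail code, and the names (desc_ref, lookup_vuln, op_fixed, releases_after) are hypothetical. Releases are counted instead of calling free() so the double release is observable rather than heap-corrupting.

```c
#include <stdio.h>

/* Hypothetical model of a reference obtained from a descriptor lookup.
 * Constructed for illustration; this is not FreeBSD's jail code. */
struct desc_ref {
    int id;
    int release_count;   /* how many times the reference was released */
};

/* Instrumented release: counts releases so a double release shows up
 * as a number instead of corrupting the allocator. */
static void release(struct desc_ref *r)
{
    r->release_count++;
}

/* Vulnerable pattern: the lookup helper drops the reference on failure,
 * but the caller also drops it on its shared cleanup path. */
static int lookup_vuln(struct desc_ref *r, int wanted_id)
{
    if (r->id != wanted_id) {
        release(r);          /* callee releases on error ... */
        return -1;
    }
    return 0;
}

static int op_vuln(struct desc_ref *r, int wanted_id)
{
    int err = lookup_vuln(r, wanted_id);
    /* ... the reference would be used here on success ... */
    release(r);              /* ... and the caller releases on every path too */
    return err;
}

/* Hardened pattern: one owner. The helper only reports success or failure;
 * the caller holds the reference for its whole lifetime and releases once. */
static int lookup_fixed(const struct desc_ref *r, int wanted_id)
{
    return (r->id == wanted_id) ? 0 : -1;
}

static int op_fixed(struct desc_ref *r, int wanted_id)
{
    int err = lookup_fixed(r, wanted_id);
    release(r);              /* exactly one release on every path */
    return err;
}

/* Run one scenario and report how many times the reference was released. */
int releases_after(int (*op)(struct desc_ref *, int), int id, int wanted_id)
{
    struct desc_ref r = { id, 0 };
    op(&r, wanted_id);
    return r.release_count;
}

int main(void)
{
    printf("vulnerable, failed lookup: %d release(s)\n", releases_after(op_vuln, 1, 2));
    printf("fixed, failed lookup:      %d release(s)\n", releases_after(op_fixed, 1, 2));
    return 0;
}
```

A failed lookup through op_vuln yields two releases of the same reference (the CWE-415 condition), while op_fixed yields exactly one on both the success and the failure path.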


How to mitigate CVE-2026-49419

Install the security update from the vendor's website.

Sources