Time-of-check Time-of-use (TOCTOU) Race Condition in FreeBSD - CVE-2026-49415

 

Time-of-check Time-of-use (TOCTOU) Race Condition in FreeBSD - CVE-2026-49415

Published: July 1, 2026


Vulnerability identifier: #VU136007
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-49415
CWE-ID: CWE-367
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: FreeBSD Foundation
Affected software:
FreeBSD

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to a time-of-check time-of-use race condition in execve(2) when executing a set-user-ID binary. A local user can access and modify the target process memory via procfs or linprocfs during the credential transition window to escalate privileges.

The issue occurs because the new virtual address space is installed before process credentials are updated.


How to mitigate CVE-2026-49415

Install security update from vendor's website.

Sources