Integer overflow in FreeBSD - CVE-2026-49430
Published: July 1, 2026
FreeBSD
Detailed vulnerability description
The vulnerability allows a local user to cause memory corruption.
The vulnerability exists due to improper integer truncation in the ZFS_IOC_RECV_NEW ioctl when handling a crafted receive stream in heal mode. A local user can send a crafted receive stream to cause memory corruption.
Exploitation requires the delegated ZFS permission "receive" and the heal receive path.