Insufficient Logging in FreeBSD - CVE-2026-49426
Published: July 1, 2026
FreeBSD
Detailed vulnerability description
The vulnerability allows a local user to produce misleading audit trails.
The vulnerability exists due to incorrect audit record generation in the audit(4) facility for ptrace(2) PT_SC_REMOTE syscall auditing when recording the outcome of remotely executed system calls. A local user can debug a process and execute system calls via ptrace(PT_SC_REMOTE) to produce misleading audit trails.
Only systems using audit(4) are affected, and the issue can undermine audit-based intrusion detection systems.