Use of Uninitialized Variable in FreeBSD - CVE-2026-49424


Published: July 1, 2026


Vulnerability identifier: #VU136018
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-49424
CWE-ID: CWE-457
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: FreeBSD Foundation
Affected software:
FreeBSD

Detailed vulnerability description

The vulnerability allows a local user to disclose sensitive information from kernel memory.

The vulnerability exists because the Linux waitid() implementation in the Linux binary compatibility layer translates a FreeBSD siginfo_t into a Linux siginfo_t that is declared on the kernel stack without clearing it first. Only the fields the translation sets are written; every other byte of the structure keeps whatever the kernel stack previously held, and the whole structure is then copied out to the caller's user-space buffer. A local user can call waitid() from a Linux binary running under the compatibility layer to read that leftover kernel stack data.

Only systems with the Linux binary compatibility layer loaded are vulnerable, and up to 104 bytes of uninitialized kernel stack data may be exposed.
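The following added example models the bug class above in user space; it is not FreeBSD's code, and the two struct layouts (bsd_siginfo, lnx_siginfo) are stand-ins chosen only to show why a field-by-field translation leaves bytes untouched, so the byte counts it reports differ from the advisory's 104. Stale kernel-stack contents are simulated by pre-filling the destination with a marker byte, and copyout() is simulated by a memcpy into a "user" buffer; leaked_bytes() then counts how many marker bytes reach the user side for the vulnerable and the hardened translation.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in layouts (constructed for this example, not the real ABI structs). */
struct bsd_siginfo {
    int si_signo;
    int si_code;
    int si_pid;
    int si_uid;
    int si_status;
};

struct lnx_siginfo {
    int si_signo;
    int si_errno;
    int si_code;
    union {
        struct { int pid; int uid; int status; } chld;
        char pad[116];          /* the union makes the struct 128 bytes, like Linux siginfo_t */
    } u;
};

#define STALE 0xA5              /* marker standing in for leftover kernel-stack data */

/* Vulnerable pattern: set only the SIGCHLD-relevant fields. si_errno and
 * the 104 bytes of the union beyond chld are never written, so they still
 * hold whatever the stack held before this function ran. */
static void translate_vulnerable(const struct bsd_siginfo *src, struct lnx_siginfo *dst)
{
    dst->si_signo      = src->si_signo;
    dst->si_code       = src->si_code;
    dst->u.chld.pid    = src->si_pid;
    dst->u.chld.uid    = src->si_uid;
    dst->u.chld.status = src->si_status;
}

/* Hardened pattern: zero the whole destination before filling it, so every
 * byte that reaches user space is either a translated field or zero. */
static void translate_fixed(const struct bsd_siginfo *src, struct lnx_siginfo *dst)
{
    memset(dst, 0, sizeof *dst);
    dst->si_signo      = src->si_signo;
    dst->si_errno      = 0;
    dst->si_code       = src->si_code;
    dst->u.chld.pid    = src->si_pid;
    dst->u.chld.uid    = src->si_uid;
    dst->u.chld.status = src->si_status;
}

/* Run one translation with a pre-poisoned "stack" struct, copy it to a
 * "user" buffer, and return how many marker bytes the user can now read. */
static size_t leaked_bytes(void (*xlate)(const struct bsd_siginfo *, struct lnx_siginfo *))
{
    struct bsd_siginfo src = { 17, 1, 4242, 1000, 0 };   /* constructed SIGCHLD sample */
    struct lnx_siginfo info;
    unsigned char userbuf[sizeof(struct lnx_siginfo)];
    size_t i, n = 0;

    memset(&info, STALE, sizeof info);   /* simulate uninitialized kernel stack */
    xlate(&src, &info);
    memcpy(userbuf, &info, sizeof info); /* simulate copyout() to the caller's infop */

    for (i = 0; i < sizeof userbuf; i++)
        if (userbuf[i] == STALE)
            n++;
    return n;
}

int main(void)
{
    printf("vulnerable translation leaks %zu of %zu bytes\n",
           leaked_bytes(translate_vulnerable), sizeof(struct lnx_siginfo));
    printf("hardened translation leaks %zu bytes\n",
           leaked_bytes(translate_fixed));
    return 0;
}
```

With the stand-in layout the vulnerable translation exposes 108 of 128 bytes (4 bytes of si_errno plus the 104 bytes of the union that SIGCHLD does not use), while the hardened version exposes none. The same test approach, poisoning the destination and counting marker bytes after copyout, is what memory sanitizers such as KMSAN automate in a real kernel.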


How to mitigate CVE-2026-49424

Install the security update from the vendor's website (a patched FreeBSD release or errata branch). Systems that do not load the Linux binary compatibility layer are not affected: kldstat lists linux.ko or linux64.ko when the layer is loaded, and keeping it unloaded until the update is applied removes the vulnerable code path.
