Stack-based buffer overflow in FreeBSD - CVE-2026-58082
Published: July 1, 2026
FreeBSD
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a buffer overflow.
The vulnerability exists due to a stack-based buffer overflow in the ISO-2022 encoding module when converting untrusted input using ISO-2022 variants that require more than 6 bytes of intermediate character output. A remote attacker can supply crafted input to trigger a stack buffer overflow.
Some ISO-2022 variants can require up to 10 bytes per character, allowing an overflow of up to four bytes.
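The size mismatch described above (a 6-byte intermediate buffer against a 10-byte worst case) is the kind of defect a capacity-checked writer prevents. The following is an added illustration, not FreeBSD's code or its patch; every name in it is hypothetical, and the 4 + 2 + 4 byte split of the sample character is constructed, since the advisory gives only the totals.

```c
#include <stddef.h>
#include <string.h>

/* Sizes from the advisory text: 6-byte intermediate buffer, up to 10
 * bytes needed per character. All names here are hypothetical. */
#define OLD_CAP      6
#define MAX_PER_CHAR 10

struct piece { const unsigned char *p; size_t n; };

/* Append each piece only if it fits; returns bytes written, or -1 as
 * soon as a piece would exceed cap. Never writes past buf[cap - 1]. */
static int emit_char(unsigned char *buf, size_t cap,
                     const struct piece *pc, size_t npc)
{
    size_t len = 0;
    for (size_t i = 0; i < npc; i++) {
        if (pc[i].n > cap - len)
            return -1;              /* caller must report "output too big" */
        memcpy(buf + len, pc[i].p, pc[i].n);
        len += pc[i].n;
    }
    return (int)len;
}

/* Constructed worst case totalling 10 bytes: escape sequence, shift
 * function, character bytes. The real split is not in the advisory. */
static int demo(size_t cap)
{
    static const unsigned char desig[] = { 0x1b, 0x24, 0x28, 0x44 };
    static const unsigned char shift[] = { 0x1b, 0x4e };
    static const unsigned char ch[]    = { 0x21, 0x22, 0x23, 0x24 };
    const struct piece pc[] = {
        { desig, sizeof desig }, { shift, sizeof shift }, { ch, sizeof ch }
    };
    unsigned char buf[MAX_PER_CHAR + 1];
    if (cap > MAX_PER_CHAR)
        return -3;                  /* demo buffer only covers the worst case */
    buf[cap] = 0xAA;                /* canary just past the usable capacity */
    int n = emit_char(buf, cap, pc, 3);
    return buf[cap] == 0xAA ? n : -2;   /* -2 would mean an overrun */
}
```

With the old 6-byte capacity the writer refuses the character instead of spilling 4 bytes onto the stack; sizing the buffer to the 10-byte worst case lets the same input through.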