← volver
CVE-2026-45253

Missing validation in ptrace(PT_SC_REMOTE)

CVSS 8.4 HIGHEPSS 0.2%CWE-787
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.4EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
21 may 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows an unprivileged local user to escalate privileges, potentially gaining full control of the affected system.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
FreeBSD · FreeBSD

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://security.freebsd.org/advisories/FreeBSD-SA-26:21.ptrace.asc