Audio Buffer Vulnerability in FreeBSD Operating System
CVE-2026-49417
Currently unrated
What is CVE-2026-49417?
The vulnerability is a flaw in audio buffer management in the FreeBSD operating system. When the audio device is closed, the buffer backing a mapping may be freed prematurely, leaving a stale reference accessible to users. Unprivileged local users can exploit this to read and write kernel memory, which can lead to privilege escalation and full system control. The flaw can also cause kernel crashes, allowing denial-of-service attacks and compromising system stability.
Affected Version(s)
FreeBSD 15.0-RELEASE
FreeBSD 14.4-RELEASE
FreeBSD 14.3-RELEASE
