CVE-2026-45253— FreeBSD 缓冲区错误漏洞

Missing validation in ptrace(PT_SC_REMOTE)

ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows an unprivileged local user to escalate privileges, potentially gaining full control of the affected system.

N/A

跨界内存写

FreeBSD 缓冲区错误漏洞

FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD存在缓冲区错误漏洞，该漏洞源于ptrace(PT_SC_REMOTE)未正确验证syscall(2)和__syscall(2)元系统调用的参数，可能导致具有调试进程能力的用户在内核中触发任意代码执行，从而允许无特权的本地用户提升权限，可能完全控制受影响系统。

N/A

N/A