Back to search
CVE-2026-45253
Published: May 21, 2026
Modified: May 22, 2026
PUBLISHED
Description
ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows an unprivileged local user to escalate privileges, potentially gaining full control of the affected system.
| Vendor | Product | Versions |
|---|---|---|
FreeBSD | FreeBSD | affected 15.0-RELEASE - < p9affected 14.4-RELEASE - < p5affected 14.3-RELEASE - < p14 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now