Search
Find a vulnerability
Search criteria
Related vulnerabilities
CERTFR-2026-AVI-0716
Vulnerability from certfr_avis - Published: 2026-06-10 - Updated: 2026-06-12
De multiples vulnérabilités ont été découvertes dans FreeBSD. Elles permettent à un attaquant de provoquer une élévation de privilèges.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| FreeBSD | FreeBSD | FreeBSD branche 14.4 versions antérieures à 14.4-n273719 | ||
| FreeBSD | FreeBSD | FreeBSD branche 14.3 versions antérieures à 14.3-n271519 | ||
| FreeBSD | FreeBSD | FreeBSD branche 14 versions antérieures à 14-n274315 | ||
| FreeBSD | FreeBSD | FreeBSD branche 15 versions antérieures à 15-n283886 | ||
| FreeBSD | FreeBSD | FreeBSD branche 15.1 versions antérieures à 15.1-n283555 | ||
| FreeBSD | FreeBSD | FreeBSD branche 15.0 versions antérieures à 15.0-n281057 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FreeBSD branche 14.4 versions ant\u00e9rieures \u00e0 14.4-n273719",
"product": {
"name": "FreeBSD",
"vendor": {
"name": "FreeBSD",
"scada": false
}
}
},
{
"description": "FreeBSD branche 14.3 versions ant\u00e9rieures \u00e0 14.3-n271519",
"product": {
"name": "FreeBSD",
"vendor": {
"name": "FreeBSD",
"scada": false
}
}
},
{
"description": "FreeBSD branche 14 versions ant\u00e9rieures \u00e0 14-n274315",
"product": {
"name": "FreeBSD",
"vendor": {
"name": "FreeBSD",
"scada": false
}
}
},
{
"description": "FreeBSD branche 15 versions ant\u00e9rieures \u00e0 15-n283886",
"product": {
"name": "FreeBSD",
"vendor": {
"name": "FreeBSD",
"scada": false
}
}
},
{
"description": "FreeBSD branche 15.1 versions ant\u00e9rieures \u00e0 15.1-n283555",
"product": {
"name": "FreeBSD",
"vendor": {
"name": "FreeBSD",
"scada": false
}
}
},
{
"description": "FreeBSD branche 15.0 versions ant\u00e9rieures \u00e0 15.0-n281057",
"product": {
"name": "FreeBSD",
"vendor": {
"name": "FreeBSD",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-45257",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45257"
},
{
"name": "CVE-2026-49413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49413"
}
],
"initial_release_date": "2026-06-10T00:00:00",
"last_revision_date": "2026-06-12T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0716",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-10T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 FreeBSD FreeBSD-SA-26:26 du 9 juin 2026.",
"revision_date": "2026-06-12T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans FreeBSD. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans FreeBSD",
"vendor_advisories": [
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 FreeBSD FreeBSD-SA-26:26",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-26:26.ktls.asc"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 FreeBSD FreeBSD-SA-26:30",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-26:30.linux.asc"
}
]
}
WID-SEC-W-2026-1871
Vulnerability from csaf_certbund - Published: 2026-06-09 22:00 - Updated: 2026-06-11 22:00Summary
FreeBSD Project FreeBSD OS: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: FreeBSD ist ein Open Source Betriebssystem aus der BSD Familie und gehört damit zu den Unix Derivaten.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in FreeBSD Project FreeBSD OS ausnutzen, um erweiterte Rechte zu erlangen – möglicherweise sogar Administratorrechte –, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder andere, nicht näher definierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
FreeBSD Project FreeBSD OS <15.0
FreeBSD Project / FreeBSD OS
|
<15.0 | ||
|
FreeBSD Project FreeBSD OS <15.1
FreeBSD Project / FreeBSD OS
|
<15.1 | ||
|
FreeBSD Project FreeBSD OS <14.3
FreeBSD Project / FreeBSD OS
|
<14.3 | ||
|
FreeBSD Project FreeBSD OS <14.4
FreeBSD Project / FreeBSD OS
|
<14.4 |
References
12 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeBSD ist ein Open Source Betriebssystem aus der BSD Familie und geh\u00f6rt damit zu den Unix Derivaten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in FreeBSD Project FreeBSD OS ausnutzen, um erweiterte Rechte zu erlangen \u2013 m\u00f6glicherweise sogar Administratorrechte \u2013, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder andere, nicht n\u00e4her definierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1871 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1871.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1871 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1871"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:25.thr vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:25.thr.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:26.ktls vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:26.ktls.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:27.sound vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:27.sound.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:28.capsicum vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:28.capsicum.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:29.ip6_multicast vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:29.ip6_multicast.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:30.linux vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:30.linux.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:32.elf vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:32.elf.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:34.vt vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:34.vt.asc"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FreeBSD-SA-26:36.ldns vom 2026-06-09",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-26:36.ldns.asc"
},
{
"category": "external",
"summary": "Writeup \"Bumsrakete\" for FreeBSD-SA-26:26.ktls",
"url": "https://bumsrake.de/"
}
],
"source_lang": "en-US",
"title": "FreeBSD Project FreeBSD OS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-11T22:00:00.000+00:00",
"generator": {
"date": "2026-06-12T07:40:54.662+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1871",
"initial_release_date": "2026-06-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-10T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-35991"
},
{
"date": "2026-06-11T22:00:00.000+00:00",
"number": "3",
"summary": "PoC f\u00fcr CVE-2026-45257 aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.1",
"product": {
"name": "FreeBSD Project FreeBSD OS \u003c15.1",
"product_id": "T055200"
}
},
{
"category": "product_version",
"name": "15.1",
"product": {
"name": "FreeBSD Project FreeBSD OS 15.1",
"product_id": "T055200-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:15.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c15.0",
"product": {
"name": "FreeBSD Project FreeBSD OS \u003c15.0",
"product_id": "T055201"
}
},
{
"category": "product_version",
"name": "15",
"product": {
"name": "FreeBSD Project FreeBSD OS 15.0",
"product_id": "T055201-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:15.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c14.4",
"product": {
"name": "FreeBSD Project FreeBSD OS \u003c14.4",
"product_id": "T055202"
}
},
{
"category": "product_version",
"name": "14.4",
"product": {
"name": "FreeBSD Project FreeBSD OS 14.4",
"product_id": "T055202-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:14.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c14.3",
"product": {
"name": "FreeBSD Project FreeBSD OS \u003c14.3",
"product_id": "T055203"
}
},
{
"category": "product_version",
"name": "14.3",
"product": {
"name": "FreeBSD Project FreeBSD OS 14.3",
"product_id": "T055203-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:14.3"
}
}
}
],
"category": "product_name",
"name": "FreeBSD OS"
}
],
"category": "vendor",
"name": "FreeBSD Project"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-10846",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-10846"
},
{
"cve": "CVE-2026-45256",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-45256"
},
{
"cve": "CVE-2026-45257",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-45257"
},
{
"cve": "CVE-2026-45258",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-45258"
},
{
"cve": "CVE-2026-45259",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-45259"
},
{
"cve": "CVE-2026-49412",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-49412"
},
{
"cve": "CVE-2026-49413",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-49413"
},
{
"cve": "CVE-2026-49414",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-49414"
},
{
"cve": "CVE-2026-49416",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-49416"
},
{
"cve": "CVE-2026-49417",
"product_status": {
"known_affected": [
"T055201",
"T055200",
"T055203",
"T055202"
]
},
"release_date": "2026-06-09T22:00:00.000+00:00",
"title": "CVE-2026-49417"
}
]
}