GCVE - cpe:2.3:o:freebsd:freebsd:15.0:p5:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:15.0:p5:*:*:*:*:*:*

part: o version: 15.0 update: p5

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.207108

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-7270`	vulnerable	2026-06-08 08:08:56.780196	Local privilege escalation via execve() An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by an unprivileged user to obtain superuser privileges. Published: 2026-04-30T07:02:48.276Z Updated: 2026-05-10T06:55:17.771Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-26:13.exec.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-7164`	vulnerable	2026-06-08 08:07:05.477282	pf can overflow the stack parsing crafted SCTP packets Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset. Published: 2026-04-30T07:23:52.601Z Updated: 2026-04-30T13:09:07.760Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-26:14.pf.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-6386`	vulnerable	2026-06-08 08:07:04.726612	Missing large page handling in pmap_pkru_update_range() In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shm_create_largepage(3) interface. In particular, it would always treat a page directory page entry as pointing to another page table page. The bug can be abused by an unprivileged user to cause pmap_pkru_update_range() to treat userspace memory as a page table page, and thus overwrite memory to which the application would otherwise not have access. Published: 2026-04-22T02:33:24.846Z Updated: 2026-04-22T14:32:53.989Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-26:11.amd64.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-5398`	vulnerable	2026-06-08 08:07:03.673247	Kernel use-after-free bug in the TIOCNOTTY handler The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. A malicious process can abuse the dangling pointer to grant itself root privileges. Published: 2026-04-22T02:23:56.767Z Updated: 2026-04-23T03:56:10.203Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-26:10.tty.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-42512`	vulnerable	2026-06-08 08:03:16.435703	Remotely triggerable out-of-bounds heap write in dhclient As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorrectly calculates its new size when requesting memory, resulting in a heap buffer overrun. A specially crafted packet can cause dhclient to overrun its buffer of environment entries. This can result in a crash, but it may be possible to leverage this bug to achieve remote code execution. Published: 2026-04-30T07:58:37.145Z Updated: 2026-05-01T15:26:06.292Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-26:15.dhclient.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-42511`	vulnerable	2026-06-08 08:03:16.431929	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-39457`	vulnerable	2026-06-08 08:01:16.548058	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-35547`	vulnerable	2026-06-08 07:59:14.124880	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.