EUVD-2026-39961

🗓️ 27 Jun 2026 08:48:30Reported by EUVDType

Freeing a valid audio buffer leaks mappings; world accessible /dev/dsp enables local users to read/write kernel memory, risking escalation.

Reporter	Title	Published	Views	Family All 10
FreeBSD	FreeBSD -- Multiple vulnerabilities in the sound(4) mmap path	9 Jun 202600:00	–	freebsd
ATTACKERKB	CVE-2026-49417	27 Jun 202608:48	–	attackerkb
Circl	CVE-2026-49417	27 Jun 202609:53	–	circl
CVE	CVE-2026-49417	27 Jun 202608:48	–	cve
Cvelist	CVE-2026-49417 Multiple vulnerabilities in the sound(4) mmap path	27 Jun 202608:48	–	cvelist
FreeBSD Advisory	FreeBSD-SA-26:27.sound	9 Jun 202600:00	–	freebsd_advisory
Tenable Nessus	FreeBSD : FreeBSD -- Multiple vulnerabilities in the sound(4) mmap path (253188dd-6473-11f1-958d-bc241121aa0a)	11 Jun 202600:00	–	nessus
NVD	CVE-2026-49417	27 Jun 202609:16	–	nvd
Packet Storm News	FreeBSD Security Advisory - FreeBSD-SA-26:27.sound	9 Jun 202600:00	–	packetstormnews
Positive Technologies	PT-2026-53063	27 Jun 202600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "3b27987d-de00-3ad5-adc9-900340b1703d",
        "vendor": {
          "name": "FreeBSD"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "4ce789f6-01cc-3b99-a081-9228a9ea0424",
        "product": {
          "name": "FreeBSD",
          "vendor": {
            "name": "FreeBSD"
          }
        },
        "product_version": "14.4-RELEASE <p6"
      },
      {
        "id": "5a37a8c1-2c33-3db6-8b26-466b118e849c",
        "product": {
          "name": "FreeBSD",
          "vendor": {
            "name": "FreeBSD"
          }
        },
        "product_version": "15.0-RELEASE <p10"
      },
      {
        "id": "82b533ca-d88b-3283-8797-7d7d5a3a8267",
        "product": {
          "name": "FreeBSD",
          "vendor": {
            "name": "FreeBSD"
          }
        },
        "product_version": "14.3-RELEASE <p15"
      }
    ]
  }
]

Source	Link
security	www.security.freebsd.org/advisories/FreeBSD-SA-26:27.sound.asc

27 Jun 2026 08:48Current

5.9Medium risk

Vulners AI Score5.9