CVE-2026-45259

The CVE-2026-45259 issue affects FreeBSD Capsicum: in capability mode, sigqueue(2) remained permitted despite Capsicum, because kern_sigqueue lacks a capability-mode check to restrict signal delivery to the caller’s own PID. This lets a sandboxed process signal other processes it could normally s...

FreeBSD : FreeBSD -- sigqueue(2) missing capability mode restriction (94f20492-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 94f20492-6473-11f1-958d-bc241121aa0a advisory. sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the...

FreeBSD-SA-26:28.capsicum

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:28.capsicum Security Advisory The FreeBSD Project Topic: sigqueue2 missing capability mode restriction Category: core Module: capsicum Announced: 2026-06-09...

FreeBSD Security Advisory - FreeBSD-SA-26:28.capsicum

FreeBSD Security Advisory - sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID...

FreeBSD -- sigqueue(2) missing capability mode restriction

Problem Description: sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. Impact: A process in capability mode ca...

Design/Logic Flaw

ping reads raw IP packets from the network to process responses in the prpack function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has a...

FreeBSD-SA-23:13.capsicum

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:13.capsicum Security Advisory The FreeBSD Project Topic: copyfilerange insufficient capability rights check Category: core Module: capsicum Announced:...

Buffer Overflow vulnerability in FreeBSD

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in FreeBSD ping has been discovered that could allow remote code execution. A remote host can trigger the memory safety bug, causing the ping program to crash. Ping runs inside a...

FreeBSD -- Stack overflow in ping(8)

Problem Description: ping reads raw IP packets from the network to process responses in the prpack function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quot...