CVE-2026-45250

CVE-2026-45250 concerns a stack buffer overflow in the FreeBSD kernel arising from setcred(2). The unprivileged user can trigger a copyin into a fixed-size kernel-stack array before validating the number of supplementary groups, causing a stack overflow when the list is large. This allows an unpr...

CVE-2026-45250 Stack buffer overflow via setcred(2)

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-45250

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

EUVD-2026-31252

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-45250 Stack buffer overflow via setcred(2)

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-44056

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

CVE-2026-44048

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

CVE-2026-44056 Stack buffer overflow in desktop.c

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

CVE-2026-44056 Stack buffer overflow in desktop.c

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

CVE-2026-44048 Stack buffer overflow via UCS-2 type confusion in convert_charset()

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

EUVD-2026-31225

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

CVE-2026-44048

Netatalk 2.0.4–4.4.2 is affected by a stack-based buffer overflow due to UCS-2 type confusion in convert_charset(). Affected variants can allow a remote authenticated attacker to execute arbitrary code or cause a denial of service; the issue is fixed in Netatalk 4.4.3. Debian notes the vulnerabil...

CVE-2026-44048 Stack buffer overflow via UCS-2 type confusion in convert_charset()

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

CVE-2026-44048

A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...

Exploit for CVE-2026-45250

FreeBSD setcred2 — research artifacts This subdirectory col...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the setcred system call. This call copies a user-supplied supplementary group list into a fixed-size kernel stack buffer without verifying the length. This...

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.0.4 to 4.4.2 of Netatalk contain security vulnerabilities. These vulnerabilities stem from a confusion between UCS-2 typ...

PT-2026-42413

Name of the Vulnerable Software and Affected Versions Netatalk versions 1.3 through 4.2.2 Description A stack-based buffer overflow occurs in desktop.c. This allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data. A stack-based buff...

PT-2026-42400

Notice FreeBSD-EN-26:13.freebsd-update Advisories FreeBSD-SA-26:18.setcred Stack buffer overflow via setcred2 CVE Record: CVE-2026-45250 FreeBSD-SA-26:19.file Kernel use-after-free via file descriptor syscalls CVE Record: CVE-2026-45251 FreeBSD-SA-26:20.fusefs Heap overflow in FUSE LISTXATTR CVE...

PT-2026-42401

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description The ptracePT SC REMOTE function failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. This allows a user with debugging capabilities to trigger arbitrary cod...