FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD-kernel -- Kernel stack disclosure in 32-bit compatibility support

Affected packages
15.0 <= FreeBSD-kernel < 15.0_11
14.4 <= FreeBSD-kernel < 14.4_7
14.3 <= FreeBSD-kernel < 14.3_16

Details

VuXML ID 43f9ca02-74e3-11f1-958d-bc241121aa0a
Discovery 2026-06-30
Entry 2026-07-01

Problem Description:

The compat32 kevent() handler translates a 64-bit kevent struct into a stack-declared 32-bit struct. It did not first zero the stack struct.

Impact:

An unprivileged user may observe a small amount of uninitialized kernel stack data, which may contain sensitive information.
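The bug class described under Problem Description, as an added user-space illustration (not FreeBSD's code and not taken from the advisory): a translator fills a local struct field by field and copies the whole object out, with and without zeroing it first. The `rec64`/`rec32` layouts, the `STALE` marker and all function names are hypothetical, and the stale stack contents are simulated with a fill pattern so the result is deterministic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5  /* constructed marker standing in for leftover stack bytes */

/* Hypothetical layouts, not FreeBSD's kevent structures. */
struct rec64 { uint64_t ident; int16_t filter; uint8_t flags; uint64_t data; };
struct rec32 {
    uint32_t ident;
    int16_t  filter;
    uint8_t  flags;        /* typical ABIs leave 1 padding byte after this */
    uint32_t data;
    uint32_t reserved[2];  /* never assigned by the translator */
};

/* Translate src into a local rec32 and copy it to user_buf (models copyout). */
static void translate(const struct rec64 *src, unsigned char *user_buf, int zero_first)
{
    struct rec32 out;

    memset(&out, STALE, sizeof(out));    /* simulate a dirty stack slot */
    if (zero_first)
        memset(&out, 0, sizeof(out));    /* the fix: clear every byte, padding included */

    out.ident  = (uint32_t)src->ident;
    out.filter = src->filter;
    out.flags  = src->flags;
    out.data   = (uint32_t)src->data;

    memcpy(user_buf, &out, sizeof(out)); /* the whole object crosses the boundary */
}

/* Count bytes in the copied-out buffer that still hold the stale marker. */
static size_t leaked_bytes(int zero_first)
{
    const struct rec64 src = { 0x11223344u, -1, 0x01, 0x55667788u }; /* constructed input */
    unsigned char user_buf[sizeof(struct rec32)];
    size_t i, n = 0;

    translate(&src, user_buf, zero_first);
    for (i = 0; i < sizeof(user_buf); i++)
        n += (user_buf[i] == STALE);
    return n;
}

int main(void)
{
    printf("without memset: %zu stale bytes\n", leaked_bytes(0));
    printf("with memset:    %zu stale bytes\n", leaked_bytes(1));
    return 0;
}
```

Field-by-field assignment only covers the named members that are written; unassigned members and padding keep whatever the memory held before, which is why the zeroing has to cover `sizeof` the whole struct.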

References

CVE Name CVE-2026-49425
FreeBSD Advisory SA-26:48.compat32