FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Heap overflow in libnv

Affected packages
15.0 <= FreeBSD-kernel < 15.0_7
14.4 <= FreeBSD-kernel < 14.4_3
14.3 <= FreeBSD-kernel < 14.3_12
13.5 <= FreeBSD-kernel < 13.5_13

Details

VuXML ID c3a9c5a6-4435-11f1-bb07-bc241121aa0a
Discovery 2026-04-29
Entry 2026-04-30

Problem Description:

When processing the header of an incoming message, libnv failed to properly validate the message size.

Impact:

The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to exploit the bug to elevate their privileges.

References

CVE Name CVE-2026-35547
FreeBSD Advisory SA-26:17.libnv

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.