Platform: linux
Component: freebsd
Fixed in: p6, p2, p11, p12
CVE-2026-6386 is a privilege escalation vulnerability discovered in the FreeBSD Kernel. The flaw allows an unprivileged user to manipulate memory mappings, potentially leading to arbitrary code execution and complete system compromise. The vulnerability affects FreeBSD Kernel version 13.5-RELEASE-p12, and a patch is available in version p12.
The vulnerability stems from an error in how the kernel handles largepage mappings created with shm_create_largepage(3). Specifically, the pmap_pkru_update_range() function incorrectly treats userspace memory as a page table page. This misinterpretation allows an attacker to overwrite memory locations that would normally be inaccessible, effectively bypassing memory protection mechanisms. Successful exploitation could grant an attacker root privileges, enabling them to install malware, steal sensitive data, or take complete control of the affected system. The potential impact is significant, particularly in multi-user environments where an attacker could compromise other user accounts.
CVE-2026-6386 was publicly disclosed on 2026-04-22. Currently, there are no publicly available proof-of-concept exploits. The EPSS score is pending evaluation. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.02% (4th percentile)
The primary mitigation is to upgrade to FreeBSD Kernel 13.5-RELEASE-p12, which contains the fix for this vulnerability. If an immediate upgrade is not feasible, consider temporary workarounds such as restricting access to the shm_create_largepage(3) interface. Monitoring system logs for unusual memory access patterns can also help detect potential exploitation attempts. After upgrading, confirm the fix by attempting to reproduce the vulnerability using known exploit techniques and verifying that the memory protection mechanisms are functioning as expected.
Upgrade to FreeBSD 15.0-RELEASE-p6, 14.4-RELEASE-p2, 14.3-RELEASE-p11 or 13.5-RELEASE-p12 to mitigate the vulnerability. The update corrects an error in large page handling, preventing memory overwrites in userspace.
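A small check for the patch levels listed above, added here as an example and not part of the advisory or of FreeBSD itself. It assumes freebsd-version(1) output of the form N.M-RELEASE[-pK] and treats anything else (STABLE, CURRENT, unlisted branches) as undetermined rather than guessing.

```shell
#!/bin/sh
# Added example, not part of the advisory: classify a FreeBSD version string
# against the patch levels the advisory lists for CVE-2026-6386.
# Assumes freebsd-version(1) output of the form N.M-RELEASE[-pK].

# Minimum patched level per release branch, taken from the advisory.
fixed_level_for_branch() {
    case "$1" in
        15.0) echo 6 ;;
        14.4) echo 2 ;;
        14.3) echo 11 ;;
        13.5) echo 12 ;;
        *)    return 1 ;;   # branch not covered by the advisory
    esac
}

# Exit status: 0 = patched, 1 = vulnerable, 2 = cannot tell (STABLE,
# CURRENT, unlisted branch, or unparseable string).
cve_2026_6386_status() {
    ver="$1"
    branch="${ver%%-*}"            # "14.3-RELEASE-p11" -> "14.3"
    rest="${ver#*-}"               #                   -> "RELEASE-p11"
    case "$rest" in
        RELEASE-p*) level="${rest#RELEASE-p}" ;;
        RELEASE)    level=0 ;;     # no -pN suffix means patch level 0
        *)          return 2 ;;
    esac
    case "$level" in
        ''|*[!0-9]*) return 2 ;;   # reject anything that is not a number
    esac
    need="$(fixed_level_for_branch "$branch")" || return 2
    [ "$level" -ge "$need" ] && return 0
    return 1
}

# Report on the running kernel (freebsd-version -r), or on a version given
# as the first argument so the script can be run over collected inventory.
check_host() {
    v="${1:-$(freebsd-version -r 2>/dev/null || true)}"
    cve_2026_6386_status "$v" && rc=0 || rc=$?
    case "$rc" in
        0) echo "$v: patched against CVE-2026-6386" ;;
        1) echo "$v: VULNERABLE to CVE-2026-6386, upgrade to the listed patch level" ;;
        *) echo "'$v': not a RELEASE branch covered by the advisory, check the FreeBSD SA" ;;
    esac
    return "$rc"
}
if [ "$#" -gt 0 ]; then check_host "$1"; fi
```

The exit status is meant for fleet automation: a non-zero result flags the host for follow-up rather than asserting it is patched.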
CVE-2026-6386 is a vulnerability in FreeBSD Kernel 13.5-RELEASE-p12 that allows an unprivileged user to potentially gain elevated privileges by manipulating memory mappings.
If you are running FreeBSD Kernel 13.5-RELEASE-p12, you are potentially affected by this vulnerability. Upgrade to p12 to mitigate the risk.
The recommended fix is to upgrade to FreeBSD Kernel 13.5-RELEASE-p12. This version includes a patch that addresses the vulnerability.
As of the current disclosure date, there are no confirmed reports of active exploitation of CVE-2026-6386.
Please refer to the official FreeBSD security advisories for the most up-to-date information and announcements regarding CVE-2026-6386.