CVE-2026-45252
Buffer Overflow in FreeBSD fusefs Kernel Module
Publication date: 2026-05-21
Last updated on: 2026-05-21
Assigner: FreeBSD
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| freebsd | freebsd | 15 |
| freebsd | freebsd | 14 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the FreeBSD fusefs kernel module when it handles extended attributes via the FUSE_LISTXATTR message. The kernel expects a list of NUL-terminated strings from the userspace daemon, but it does not verify that the entire list is properly NUL-terminated before calling strlen() on it.
If a malicious daemon sends a list that is not NUL-terminated, the kernel module may read beyond the end of one heap-allocated buffer and potentially write beyond the end of another buffer. This can lead to disclosure of up to 253 bytes of kernel heap memory or injection of up to 250 attacker-controlled bytes into unallocated kernel heap space.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing a malicious userspace daemon to either read sensitive kernel heap memory or inject malicious data into kernel memory. Specifically, it can disclose up to 253 bytes of kernel heap memory, potentially leaking sensitive information, or write up to 250 bytes of attacker-controlled data into unallocated kernel heap space, which could lead to further exploitation or system instability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, users should upgrade their FreeBSD systems to the patched versions in stable/15, stable/14, or their respective release branches with fixes applied after May 20, 2026.
After upgrading, a system reboot is necessary to apply the fixes.
If your system does not use the fusefs module or has vfs.usermount disabled, it is unaffected by this vulnerability.
Upgrades can be performed using pkg, freebsd-update, or by applying source code patches.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There is no specific information provided about detection methods or commands to identify this vulnerability on a network or system.