Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-32848
PUBLISHED
More InfoOfficial Page
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
View Known Exploited Vulnerability (KEV) details
Published At-18 May, 2026 | 17:52
Updated At-18 May, 2026 | 17:52
Rejected At-
▼CVE Numbering Authority (CNA)
NetBSD cryptodev Race Condition Double-Free via cryptodev_op()

NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit mutable per-operation state embedded in the csession struct to corrupt kernel heap memory.

Affected Products
Vendor
NetBSDNetBSD
Product
src
Repo
https://github.com/NetBSD/src
Default Status
affected
Versions
Affected
  • From 0 before ec8451efc1565516aba9e7047e1a1a1ce7953a2f (git)
Problem Types
TypeCWE IDDescription
CWECWE-415Double Free
CWECWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Type: CWE
CWE ID: CWE-415
Description: Double Free
Type: CWE
CWE ID: CWE-362
Description: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Metrics
VersionBase scoreBase severityVector
4.05.7MEDIUM
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3.14.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Version: 4.0
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
nasm
finder
VulnCheck
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://nasm.re/posts/uaf_netbsd_crypto/
technical-description
exploit
https://github.com/NetBSD/src/commit/ec8451efc1565516aba9e7047e1a1a1ce7953a2f
patch
https://www.vulncheck.com/advisories/netbsd-cryptodev-race-condition-double-free-via-cryptodev-op
third-party-advisory
Hyperlink: https://nasm.re/posts/uaf_netbsd_crypto/
Resource:
technical-description
exploit
Hyperlink: https://github.com/NetBSD/src/commit/ec8451efc1565516aba9e7047e1a1a1ce7953a2f
Resource:
patch
Hyperlink: https://www.vulncheck.com/advisories/netbsd-cryptodev-race-condition-double-free-via-cryptodev-op
Resource:
third-party-advisory
Details not found