FreeBSD SA-26:11 Advisory: CVE-2026-6386 Kernel Memory Corruption Vulnerability

FreeBSD SA-26:11.amd64 Security Advisory Summary Vulnerability Overview Vulnerability Name: Missing large page handling in pmap_pku_update_range() CVE ID: CVE-2026-6386 Description: On the amd64 architecture, the kernel fails to account for the presence of 1GB large page mappings when attempting to map protection keys to an address range. This causes the kernel to incorrectly point a page directory entry to another page table, allowing unprivileged users to modify user-space memory by abusing the function, thereby overwriting memory that should not be accessible. Impact Scope Affected Systems: All supported FreeBSD versions (amd64 architecture). Specific Versions: 15.0-STABLE 15.0-RELEASE-p6 stable/14.3 14.3-RELEASE-p2 releng/14.4 14.4-RELEASE-p11 stable/13.3 releng/13.5 13.5-RELEASE-p12 Remediation Currently, there is no temporary workaround. It is recommended to upgrade the system to the patched version. 1. Upgrade Using pkg(8) Tool (for amd64 or arm64 platforms) Applicable to 15.0-RELEASE installed from base system packages: 2. Upgrade Using Binary Distribution Sets (for amd64 platform) Applicable to FreeBSD 13 versions not installed via base system packages: 3. Upgrade Using Source Code Patches Applicable to branches such as FreeBSD 15.0, 14.4, 14.3, 13.5, etc. Step a: Download and Verify Patch Step b: Apply Patch Step c: Rebuild Kernel and Reboot Refer to documentation: FreeBSD Kernel Configuration

Goal Reached Thanks to every supporter — we hit 100%!

FreeBSD SA-26:11 Advisory: CVE-2026-6386 Kernel Memory Corruption Vulnerability