EIP-2026-100959

PRE-CVE

FreeBSD 7.2 - VFS/devfs Race Condition

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100959. PoCs published by Przemyslaw Frasunek.

AI-analyzed exploit summary This exploit targets a race condition in FreeBSD 7.2 and below, leveraging a NULL pointer dereference in the VFS and devfs code to achieve local privilege escalation. It manipulates kernel memory to bypass security checks and execute arbitrary code with root privileges.

Description

FreeBSD 7.2 - VFS/devfs Race Condition

Exploits (1)

exploitdb WORKING POC VERIFIED

by Przemyslaw Frasunek · clocalfreebsd

https://www.exploit-db.com/exploits/9860

View Code ZIP pw:eip

This exploit targets a race condition in FreeBSD 7.2 and below, leveraging a NULL pointer dereference in the VFS and devfs code to achieve local privilege escalation. It manipulates kernel memory to bypass security checks and execute arbitrary code with root privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: FreeBSD 7.2 and below (including 6.4)

No auth needed

Prerequisites: Multiprocessor system · Access to a vulnerable FreeBSD system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1040 - Network Sniffing

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026