EIP-2026-100960

PRE-CVE

FreeBSD-SA-19:15.mqueuefs - Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100960. PoCs published by Karsten König.

AI-analyzed exploit summary This exploit targets FreeBSD mqueuefs vulnerabilities (FreeBSD-SA-19:15.mqueuefs and FreeBSD-SA-19:24.mqueue) to achieve local privilege escalation by leveraging a use-after-free condition and manipulating file descriptors to overwrite /etc/libmap.conf.

Description

FreeBSD-SA-19:15.mqueuefs - Privilege Escalation

Exploits (1)

exploitdb WORKING POC VERIFIED

by Karsten König · bashlocalfreebsd

https://www.exploit-db.com/exploits/47830

View Code ZIP pw:eip

This exploit targets FreeBSD mqueuefs vulnerabilities (FreeBSD-SA-19:15.mqueuefs and FreeBSD-SA-19:24.mqueue) to achieve local privilege escalation by leveraging a use-after-free condition and manipulating file descriptors to overwrite /etc/libmap.conf.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: FreeBSD with mqueuefs (versions affected by FreeBSD-SA-19:15 and FreeBSD-SA-19:24)

No auth needed

Prerequisites: Local access to a vulnerable FreeBSD system · Presence of /etc/libmap.conf · Sufficient RAM and CPU cores for race condition exploitation

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1211 - Exploitation for Defense Evasion

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026