CVE-2024-43102 is a critical vulnerability affecting FreeBSD, specifically related to the improper handling of anonymous shared memory mappings in the kernel. This vulnerability is tied to the UMTX_SHM_DESTROY operation within the UMTX_OP_SHM API. If exploited, it can lead to a premature freeing of memory, which may result in a kernel panic or enable further "use-after-free" attacks. In some scenarios, this flaw could lead to unauthorized code execution or the bypassing of sandbox protections, such as Capsicum.
The vulnerability has a CVSS score of 10.0, marking it as critical because it can be exploited remotely with low complexity and without user interaction or privileged access.
See more details on: