Incorrect libcap_net limitation list manipulation
Summary
| CVE | CVE-2026-45254 |
|---|---|
| State | PUBLISHED |
| Assigner | freebsd |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-05-21 10:16:26 UTC |
| Updated | 2026-05-21 19:00:47 UTC |
| Description | In the case of the cap_net service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limit that extended the permissions of the process. |
Risk And Classification
Primary CVSS: v3.1 6.5 MEDIUM from ADP
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS: 0.000380000 probability, percentile 0.115460000 (date 2026-05-27)
Problem Types: CWE-269 | CWE-269 CWE-269 Improper Privilege Management
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | ADP | DECLARED | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
| 3.1 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
LowIntegrity
LowAvailability
NoneCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Freebsd | Freebsd | 14.3 | - | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p1 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p10 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p11 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p12 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p13 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p2 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p3 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p4 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p5 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p6 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p7 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p8 | All | All |
| Operating System | Freebsd | Freebsd | 14.3 | p9 | All | All |
| Operating System | Freebsd | Freebsd | 14.4 | - | All | All |
| Operating System | Freebsd | Freebsd | 14.4 | p1 | All | All |
| Operating System | Freebsd | Freebsd | 14.4 | p2 | All | All |
| Operating System | Freebsd | Freebsd | 14.4 | p3 | All | All |
| Operating System | Freebsd | Freebsd | 14.4 | p4 | All | All |
| Operating System | Freebsd | Freebsd | 14.4 | rc1 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | - | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p1 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p2 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p3 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p4 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p5 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p6 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p7 | All | All |
| Operating System | Freebsd | Freebsd | 15.0 | p8 | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| security.freebsd.org/advisories/FreeBSD-SA-26:24.cap_net.asc | [email protected] | security.freebsd.org | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Joshua Rogers of AISLE Research Team (en)
There are currently no legacy QID mappings associated with this CVE.