A critical Local Privilege Escalation (LPE) vulnerability, dubbed BUMSRAKETE, has been discovered in FreeBSD's kTLS-RX implementation affecting all versions ≥ 13.0. The flaw allows any unprivileged user to write arbitrary data to any file they have read access to, bypassing standard file permissions and security checks. This vulnerability is comparable to Linux's Dirty Pipe and affects multiple architectures including amd64, arm64, and riscv.
Background
FreeBSD is a free and open-source Unix-like operating system known for its advanced networking, performance, and security features. The kernel TLS (kTLS) implementation is designed to improve performance by handling TLS encryption/decryption in the kernel rather than in userspace.
- Source: Lobsters
- Published: Jun 11, 2026 at 09:40 PM
- Score: 9.0 / 10