CVE-2026-45259 - Vulnerability Details

Description

sigqueue(2) was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kern_sigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID.

A process in capability mode can use sigqueue(2) to send signals to any process it could signal following standard Unix permissions, bypassing the Capsicum sandbox restriction. A compromised sandboxed process could interfere with other processes, for example by sending SIGKILL or SIGSTOP. This could be any process running as the same user, or any process, for a superuser sandboxed process.

Published: 2026-06-27

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

FreeBSD

unknown

Version	Status	Constraints
`15.0-RELEASE`	affected	< p10
`14.4-RELEASE`	affected	< p6
`14.3-RELEASE`	affected	< p15

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://security.freebsd.org/advisories/FreeBSD-SA-26:28.capsicum.asc

History

Sat, 27 Jun 2026 09:15:00 +0000

Type	Values Removed	Values Added
Description		sigqueue(2) was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kern_sigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use sigqueue(2) to send signals to any process it could signal following standard Unix permissions, bypassing the Capsicum sandbox restriction. A compromised sandboxed process could interfere with other processes, for example by sending SIGKILL or SIGSTOP. This could be any process running as the same user, or any process, for a superuser sandboxed process.
Title		sigqueue(2) missing capability mode restriction
Weaknesses		CWE-266
References		https://security.freebsd.org/advisories/FreeBSD-SA-26:28.capsicum.asc

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: freebsd

Published: 2026-06-27T08:59:17.853Z

Updated: 2026-06-27T08:59:17.853Z

Reserved: 2026-05-11T16:27:44.892Z

Link: CVE-2026-45259

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-27T10:30:14Z

Weaknesses

CWE-266

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object