DigiNews

Tech Watch by Johan Denoyer

FatGid: FreeBSD 14.x kernel local privilege escalation

Quality: 8/10 Relevance: 9/10

Summary

FatGid documents a FreeBSD 14.x kernel local privilege escalation via setcred(2), identified as CVE-2026-45250. The write-up explains a kernel stack overflow in kern_setcred_copyin_supp_groups(), outlines exploit paths with and without SMAP/SMEP, and discusses fix status and mitigations. It also provides proof-of-concept details, timeline, and disclosures from the FreeBSD security community.
