CVE-2026-32848
MediumCVSS 4.7Exploitation Probability (EPSS)
Low risk0th percentile - higher than 0% of all known CVEs
Summary
NetBSD prior to commit ec8451e has a race condition in cryptodev_op() within the opencrypto subsystem. Local attackers can concurrently issue CIOCCRYPT operations on the same session identifier on SMP systems, causing a double-free condition.
Risk Assessment
Attackers can corrupt kernel heap memory, potentially leading to system crashes or privilege escalation. The vulnerability requires local access and an SMP system.
Recommendation
Immediately update NetBSD to a version containing commit ec8451e or later. Restricting local access may reduce risk.
Original NVD description (English source)
NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit mutable per-operation state embedded in the csession struct to corrupt kernel heap memory.

