Use After Free in Freebsd

CVE-2026-49412

The kernel handler for IPV6_MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the han…

Vulnerability class: Use-After-Free

EPSS: 0.001 (3.2th percentile) — read the EPSS interpretation.