CVE-2026-32848

Name of the Vulnerable Software and Affected Versions NetBSD versions prior to commit ec8451e

Description A race condition in the cryptodev op() function within the opencrypto subsystem allows local attackers to trigger a double-free condition on SMP (Symmetric Multiprocessing) systems. This occurs when CIOCCRYPT operations are issued concurrently using the same session identifier. Attackers can leverage mutable per-operation state within the csession struct to corrupt kernel heap memory.

Recommendations Update NetBSD to a version that includes commit ec8451e.