FreeBSD
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*
- >= 15.0-RELEASE, < 15.0-RELEASE-p9
- >= 14.4-RELEASE, < 14.4-RELEASE-p5
- >= 14.3-RELEASE, < 14.3-RELEASE-p14
A vulnerability exists in the FreeBSD libcap_net service, which is used by Capsicum-sandboxed applications to manage networking capabilities. When an application requests a new set of permissions, any keys omitted from the new limit are incorrectly interpreted as 'allow any', rather than being rejected. This flaw can enable an application to extend its previously restricted network operations, potentially leading to unauthorized access or actions.
Exploitation of this vulnerability could allow applications to gain extended network permissions, bypassing previous restrictions and potentially leading to unauthorized network operations.
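The narrowing check described above, as an added example in C that is not code from libcap_net or from the FreeBSD advisory. It is a simplified model in which a limit is a set of optional keys, each with a bitmask of permitted values; the key names, the struct, and both functions are hypothetical, and the sample limits are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of limit narrowing; key names are hypothetical. */
enum { KEY_CONNECT, KEY_BIND, NKEYS };

struct limit {
    bool     present[NKEYS];   /* key appears in this limit */
    uint32_t allowed[NKEYS];   /* bitmask of values permitted for the key */
};

/* Flawed: a key missing from the request is skipped, so the existing
 * restriction on it is lost and the key becomes "allow any". */
bool limit_ok_flawed(const struct limit *cur, const struct limit *req)
{
    for (size_t k = 0; k < NKEYS; k++) {
        if (!req->present[k])
            continue;
        if (cur->present[k] && (req->allowed[k] & ~cur->allowed[k]))
            return false;
    }
    return true;
}

/* Corrected: every key the current limit restricts must be present in the
 * request and be a subset of the current value; omission is refused. */
bool limit_ok_fixed(const struct limit *cur, const struct limit *req)
{
    for (size_t k = 0; k < NKEYS; k++) {
        if (!cur->present[k])
            continue;               /* unrestricted today: cannot widen */
        if (!req->present[k] || (req->allowed[k] & ~cur->allowed[k]))
            return false;
    }
    return true;
}

/* Constructed sample limits. */
const struct limit CUR    = { { true,  true }, { 0x1, 0x3 } };
const struct limit OMIT   = { { false, true }, { 0x0, 0x1 } }; /* drops KEY_CONNECT */
const struct limit NARROW = { { true,  true }, { 0x1, 0x1 } };

int main(void)
{
    printf("omit:   flawed=%d fixed=%d\n", limit_ok_flawed(&CUR, &OMIT), limit_ok_fixed(&CUR, &OMIT));
    printf("narrow: flawed=%d fixed=%d\n", limit_ok_flawed(&CUR, &NARROW), limit_ok_fixed(&CUR, &NARROW));
    return 0;
}
```

Both checks accept a genuine narrowing and refuse an explicit widening; they differ only on the request that omits a key the current limit restricts.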
Users can upgrade to a supported FreeBSD stable or release branch dated after the correction date. Instructions for updating via the pkg utility, freebsd-update utility, or by applying a source code patch are available in the FreeBSD Security Advisory FreeBSD-SA-26:24.cap_net.