Security Advisory: CVE-2026-7270 – FreeBSD Vulnerability Impact on KACE SMA and SDA (4383090)

A vulnerability has been identified in FreeBSD tracked as CVE-2026-7270. This vulnerability allows a buffer overflow via execve, enabling local privilege escalation to root. Due to FreeBSD's release lifecycle policy, a patch is only available for currently supported point releases, leaving KACE products running FreeBSD 14.0 without a vendor-supplied fix.

Exploitability

CVE-2026-7270 requires local authenticated OS-level access to exploit and does not allow unauthenticated remote access. KACE SMA and SDA are closed appliances; end users are not granted local OS accounts and cannot directly interact with the underlying FreeBSD system. However, this vulnerability could be leveraged as part of an exploit chain — for example, if an attacker first gains a foothold via a separate vulnerability, CVE-2026-7270 could then be used to escalate to root. Patching remains strongly recommended.

Relationship to CVE-2026-31431 ("copy.fail")

CVE-2026-7270 is not related to CVE-2026-31431 ("copy.fail"). Although both vulnerabilities were disclosed on April 30, 2026, they are independent findings. CVE-2026-31431 is a Linux kernel vulnerability affecting the algif_aead cryptographic module and does not affect FreeBSD. While both vulnerabilities allow an unprivileged local user to escalate to root, the underlying mechanisms are entirely different. CVE-2026-7270 is specific to a FreeBSD kernel operator precedence bug causing a buffer overflow in execve(2) argument handling, and is tracked under FreeBSD-SA-26:13.exec.

FreeBSD Release Lifecycle

FreeBSD provides security patches for a point release until 3 months after the following point release ships. As of this advisory, the supported 14.x releases are:

• FreeBSD 14.3 (EOL June 2026)
• FreeBSD 14.4 (EOL December 2026)

FreeBSD 14.0 reached end-of-life in October 2024 and will not receive a patch for CVE-2026-7270.

Affected Products

Security Advisory: CVE-2026-7270 – FreeBSD Vulnerability Impact on KACE SMA and SDA
Published: 2026-04-30 Severity: Critical CVE: CVE-2026-7270

KACE SMA

• SMA 14.0 and 14.1: No patch will be issued. Upgrade to SMA 15.0 is required.
• SMA 15.0: A fix has been delivered in Cumulative Patch 3.

KACE SDA

• SDA 9.3: No patch will be issued. FreeBSD 14.0 is outside the vendor support window.
• SDA 9.4: Built on FreeBSD 14.3, this release will include remediation for CVE-2026-7270 and all additional CVEs listed above upon release.

Additional CVEs Addressed in KACE SMA 15.0 Cumulative Patch 3

The following additional FreeBSD security advisories are resolved in Cumulative Patch 3, as they were included in FreeBSD 14.3-p11 and p12:

• FreeBSD-SA-26:12.dhclient — CVE-2026-42511 — Critical
• FreeBSD-SA-26:15.dhclient — CVE-2026-42512 — Critical
• FreeBSD-SA-26:10.tty — CVE-2026-5398 — High
• FreeBSD-SA-26:16.libnv — CVE-2026-39457 — High
• FreeBSD-SA-26:14.pf — CVE-2026-7164 — High
• FreeBSD-SA-26:11.amd64 — CVE-2026-6386 — Medium

Recommended Actions

1. SMA 14.0 / 14.1 customers: Upgrade to SMA 15.0 immediately, then apply Cumulative Patch 3.
2. SMA 15.0 customers: Apply Cumulative Patch 3 at earliest convenience.
3. SDA 9.3 customers: Plan to upgrade to SDA 9.4 upon release. Apply compensating network-level controls in the interim (e.g., restrict local/console access to the appliance).
4. All customers: Limit local access to affected appliances and monitor for unauthorized privilege escalation attempts until a patch is applied.