Severity: Unknown
Affected Package: kernel
Summary: Linuxulator does not set AT_SECURE for setuid/setgid binaries
When constructing the Linux ELF auxiliary vector, the Linuxulator derived AT_SECURE from P_SUGID, which is not set until later in execve(2) and so could not reliably indicate a setuid/setgid binary. As a result AT_SECURE could be unset for setugid Linux binaries, defeating secure runtime linker mode. Fixed by using image_params.credential_setid. Ports FreeBSD-SA-26:30.linux.
No specific recommendations provided.
Aliases: CVE-2026-49413
Published: June 11, 2026
Last Modified: June 11, 2026