This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-12 06:36:57 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
a7b97d26-9792-11eb-b87a-901b0ef719ab | FreeBSD -- jail escape possible by mounting over jail rootProblem Description:Due to a race condition between lookup of ".." and remounting a filesystem, a process running inside a jail might access filesystem hierarchy outside of jail. Impact:A process with superuser privileges running inside a jail configured with the allow.mount permission (not enabled by default) could change the root directory outside of the jail, and thus gain full read and write access to all files and directories in the system. Discovery 2021-04-06 Entry 2021-04-07 FreeBSD-kernel ge 12.2 lt 12.2_6 ge 11.4 lt 11.4_9 CVE-2020-25584 SA-21:10.jail_mount |