FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a7b97d26-9792-11eb-b87a-901b0ef719abFreeBSD -- jail escape possible by mounting over jail root

Problem Description:

Due to a race condition between lookup of ".." and remounting a filesystem, a process running inside a jail might access filesystem hierarchy outside of jail.

Impact:

A process with superuser privileges running inside a jail configured with the allow.mount permission (not enabled by default) could change the root directory outside of the jail, and thus gain full read and write access to all files and directories in the system.


Discovery 2021-04-06
Entry 2021-04-07
FreeBSD-kernel
ge 12.2 lt 12.2_6

ge 11.4 lt 11.4_9

CVE-2020-25584
SA-21:10.jail_mount