This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
bba850fd-770e-11eb-b87a-901b0ef719ab | FreeBSD -- jail_attach(2) relies on the caller to change the cwdProblem Description:When a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working directory is changed. Impact:A process with superuser privileges running inside a jail could change the root directory outside of the jail, thereby gaining full read and writing access to all files and directories in the system. Discovery 2021-02-24 Entry 2021-02-25 FreeBSD-kernel ge 12.2 lt 12.2_4 ge 11.4 lt 11.4_8 CVE-2020-25582 SA-21:05.jail_chdir |