vulnerability

FreeBSD: VID-BBA850FD-770E-11EB-B87A-901B0EF719AB (CVE-2020-25582): FreeBSD -- jail_attach(2) relies on the caller to change the cwd

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:N)	2021-02-24	2021-02-25	2021-04-05

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:N)

Published

2021-02-24

Added

2021-02-25

Modified

2021-04-05

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From VID-BBA850FD-770E-11EB-B87A-901B0EF719AB:

Problem Description:

When a process, such as jexec(8) or killall(1), calls jail_attach(2)

to enter a jail, the jailed root can attach to it using ptrace(2) before

the current working directory is changed.

Impact:

A process with superuser privileges running inside a jail could change

the root directory outside of the jail, thereby gaining full read and

writing access to all files and directories in the system.

Solution(s)

freebsd-upgrade-base-11_4-release-p8freebsd-upgrade-base-12_2-release-p4

References

NVD-CVE-2020-25582

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today