vulnerability

FreeBSD: VID-bba850fd-770e-11eb-b87a-901b0ef719ab (CVE-2020-25582): FreeBSD -- jail_attach(2) relies on the caller to change the cwd

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:N)

Published

Feb 25, 2021

Added

Feb 25, 2021

Modified

Jun 15, 2026

Description

In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working directory is changed.

Solutions

freebsd-upgrade-base-12_2-release-p4freebsd-upgrade-base-11_4-release-p8

References

CVE-2020-25582
https://attackerkb.com/topics/CVE-2020-25582
CWE-362
EUVD-EUVD-2020-18262
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-18262

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report