vulnerability

FreeBSD: VID-a7b97d26-9792-11eb-b87a-901b0ef719ab (CVE-2020-25584): FreeBSD -- jail escape possible by mounting over jail root

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:H/Au:N/C:C/I:C/A:C)	Apr 7, 2021	Nov 4, 2022	Mar 25, 2026

Severity

CVSS

(AV:L/AC:H/Au:N/C:C/I:C/A:C)

Published

Apr 7, 2021

Added

Nov 4, 2022

Modified

Mar 25, 2026

Description

Problem Description: Due to a race condition between lookup of ".." and remounting a filesystem, a process running inside a jail might access filesystem hierarchy outside of jail. Impact: A process with superuser privileges running inside a jail configured with the allow.mount permission (not enabled by default) could change the root directory outside of the jail, and thus gain full read and write access to all files and directories in the system.

Solutions

freebsd-upgrade-base-12_2-release-p6freebsd-upgrade-base-11_4-release-p9

References

CVE-2020-25584
https://attackerkb.com/topics/CVE-2020-25584
CWE-362
EUVD-EUVD-2020-18264
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-18264

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today