CVE-2020-25582

Summary

In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working directory is changed.

Affected Software

VendorProductVersion RangeStatus
n/aFreeBSDFreeBSD 12.2-RELEASE before p4, 11.4-RELEASE before p8affected

Weaknesses

  • Improper check for unusual conditions

ADP Enrichment

CVE Program Container

Additional References

References