First published: Wed Apr 07 2021
In FreeBSD 13.0-STABLE before n245118, 12.2-STABLE before r369552, 11.4-STABLE before r369560, 13.0-RC5 before p1, 12.2-RELEASE before p6, and 11.4-RELEASE before p9, a superuser inside a FreeBSD jail configured with the non-default allow.mount permission could cause a race condition between the lookup of ".." and remounting a filesystem, allowing access to the filesystem hierarchy outside of the jail.
Credit: secteam@freebsd.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD FreeBSD | <11.4 | |
| FreeBSD FreeBSD | >=12.0 <12.2 | |
| FreeBSD FreeBSD | =11.4 | |
| FreeBSD FreeBSD | =11.4-beta1 | |
| FreeBSD FreeBSD | =11.4-p1 | |
| FreeBSD FreeBSD | =11.4-p2 | |
| FreeBSD FreeBSD | =11.4-p3 | |
| FreeBSD FreeBSD | =11.4-p4 | |
| FreeBSD FreeBSD | =11.4-p5 | |
| FreeBSD FreeBSD | =11.4-rc1 | |
| FreeBSD FreeBSD | =11.4-rc2 | |
| FreeBSD FreeBSD | =12.2 | |
| FreeBSD FreeBSD | =12.2-p1 | |
| FreeBSD FreeBSD | =12.2-p2 | |
| FreeBSD FreeBSD | =13.0-beta1 | |
| FreeBSD FreeBSD | =13.0-beta2 | |
| FreeBSD FreeBSD | =13.0-beta3 | |
| FreeBSD FreeBSD | =13.0-beta4 | |
| FreeBSD FreeBSD | =13.0-rc1 | |
| FreeBSD FreeBSD | =13.0-rc2 | |
| FreeBSD FreeBSD | =13.0-rc3 | |
| FreeBSD FreeBSD | =13.0-rc4 | |
| FreeBSD FreeBSD | =13.0-rc5 | |
CVE-2020-25584 is a vulnerability in FreeBSD that allows a superuser inside a FreeBSD jail with the non-default allow.mount permission to trigger a race condition between the lookup of ".." and the remounting of a filesystem, gaining access to the filesystem hierarchy outside of the jail.
CVE-2020-25584 has a severity level of 7.5 (High).
FreeBSD versions 11.4-RELEASE before p9, 11.4-STABLE before r369560, 12.2-RELEASE before p6, 12.2-STABLE before r369552, and 13.0-STABLE before n245118 are affected by CVE-2020-25584.
To fix CVE-2020-25584, update to a FreeBSD version that includes the relevant patches: 13.0-STABLE n245118, 12.2-STABLE r369552, 11.4-STABLE r369560, 13.0-RC5-p1, 12.2-RELEASE-p6, or 11.4-RELEASE-p9 or later. Because the issue requires the non-default allow.mount jail permission, jails that have not been granted allow.mount are not exposed.
You can find more information about CVE-2020-25584 in the advisories provided by FreeBSD and NetApp.