Date: Wed, 14 Feb 2024 09:55:23 +0100 From: Andrea Venturoli <ml@netfence.it> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-24:02.tty Message-ID: <40f75ef7-78d6-481e-967f-c5f258830596@netfence.it> In-Reply-To: <20240214070711.3259126676@freefall.freebsd.org> References: <20240214070711.3259126676@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/14/24 08:07, FreeBSD Security Advisories wrote: > ============================================================================= > FreeBSD-SA-24:02.tty Security Advisory > The FreeBSD Project > > Topic: jail(2) information leak > > Category: core > Module: jail > Announced: 2024-02-14 > Credits: Pawel Jakub Dawidek > Affects: All supported versions of FreeBSD. > Corrected: 2024-02-12 16:25:54 UTC (stable/14, 14.0-STABLE) > 2024-02-14 06:05:46 UTC (releng/14.0, 14.0-RELEASE-p5) > 2024-02-12 16:27:37 UTC (stable/13, 13.2-STABLE) > 2024-02-14 06:06:01 UTC (releng/13.2, 13.2-RELEASE-p10) > CVE Name: CVE-2024-25941 Hello. Sorry for my dumbness, but I fail to understand the severity of this problem. Is it like drop-everything-and-patch-yesterday or take-it-easy-and-do-it-when-you-can? How could the extracted info (tty list) be used? bye & Thanks av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40f75ef7-78d6-481e-967f-c5f258830596>