Date: Wed, 28 Jan 2026 01:19:34 +0000
From: Philip Paeps <philip@FreeBSD.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject: git: 01bdc2841a55 - main - security/vuxml: add FreeBSD SA issued on 2026-01-27
Message-ID: <69796426.df78.1c1d2160@gitrepo.freebsd.org>
The branch main has been updated by philip: URL: https://cgit.FreeBSD.org/ports/commit/?id=01bdc2841a55c3a2c23a0352719dd7b11659f3a7 commit 01bdc2841a55c3a2c23a0352719dd7b11659f3a7 Author: Philip Paeps <philip@FreeBSD.org> AuthorDate: 2026-01-28 01:15:48 +0000 Commit: Philip Paeps <philip@FreeBSD.org> CommitDate: 2026-01-28 01:15:48 +0000 security/vuxml: add FreeBSD SA issued on 2026-01-27 FreeBSD-SA-26:02.jail affects 13.5R and 14.3R --- security/vuxml/vuln/2026.xml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/security/vuxml/vuln/2026.xml b/security/vuxml/vuln/2026.xml index f34ba58f2b88..9d02631481f1 100644 --- a/security/vuxml/vuln/2026.xml +++ b/security/vuxml/vuln/2026.xml 
@@ -1,3 +1,37 @@ + <vuln vid="90071333-fbe5-11f0-a13f-bc241121aa0a"> + <topic>FreeBSD -- Jail escape by a privileged user via nullfs</topic> + <affects> + <package> + <name>FreeBSD-kernel</name> + <range><ge>14.3</ge><lt>14.3_8</lt></range> + <range><ge>13.5</ge><lt>13.5_9</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description:</h1> + <p>By default, jailed processes cannot mount filesystems, including + nullfs(4). However, the allow.mount.nullfs option enables mounting + nullfs filesystems, subject to privilege checks.</p> + <p>If a privileged user within a jail is able to nullfs-mount directories, + a limitation of the kernel's path lookup logic allows that user to + escape the jail's chroot, yielding access to the full filesystem + of the host or parent jail.</p> + <h1>Impact:</h1> + <p>In a jail configured to allow nullfs(4) mounts from within the + jail, the jailed root user can escape the jail's filesystem root.</p> + </body> + </description> + <references> + <cvename>CVE-2025-15547</cvename> + <freebsdsa>SA-26:02.jail</freebsdsa> + </references> + <dates> + <discovery>2026-01-27</discovery> + <entry>2026-01-28</entry> + </dates> + </vuln> + <vuln vid="4b824428-fb93-11f0-b194-8447094a420f"> <topic>OpenSSL -- Multiple vulnerabilities</topic> <affects>home | help
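Review bot: In the <description> body, the Impact paragraph refers to "a jail configured to allow nullfs(4) mounts from within the jail" without naming the setting, so a reader who only skims Impact has to go back to the Problem Description to learn that allow.mount.nullfs is the option to look for in their jail configuration. Consider naming it there as well, for example "In a jail configured with allow.mount.nullfs, the jailed root user can escape the jail's filesystem root." Separately, <discovery>2026-01-27</discovery> is the SA issue date given in the commit subject rather than a date of discovery; worth confirming that is the intended value for this field.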
