CVE-2020-25582

Description


In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working directory is changed.

CvssV3 impact


BaseSeverity

HIGH

ConfidentialityImpact

HIGH

AttackComplexity

LOW

Scope

CHANGED

AttackVector

NETWORK

AvailabilityImpact

NONE

IntegrityImpact

HIGH

PrivilegesRequired

HIGH

BaseScore

8.7

VectorString

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

Version

3.1

UserInteraction

NONE

CvssV2 impact


AccessComplexity

LOW

ConfidentialityImpact

COMPLETE

AvailabilityImpact

NONE

IntegrityImpact

COMPLETE

BaseScore

8.5

VectorString

AV:N/AC:L/Au:S/C:C/I:C/A:N

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE