PT-2021-11161 · FreeBSD · FreeBSD

Published: 2021-04-06 · Updated: 2021-06-03 · CVE-2020-25584

CVSS v3.1: 7.5 (High)

Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
FreeBSD versions 13.0-STABLE before n245118
FreeBSD versions 12.2-STABLE before r369552
FreeBSD versions 11.4-STABLE before r369560
FreeBSD versions 13.0-RC5 before p1
FreeBSD versions 12.2-RELEASE before p6
FreeBSD versions 11.4-RELEASE before p9
Description: A superuser inside a FreeBSD jail configured with the non-default allow.mount permission could cause a race condition between the lookup of ".." and remounting a filesystem, allowing access to filesystem hierarchy outside of the jail.
Recommendations:
For FreeBSD versions 13.0-STABLE before n245118, update to a version after n245118.
For FreeBSD versions 12.2-STABLE before r369552, update to a version after r369552.
For FreeBSD versions 11.4-STABLE before r369560, update to a version after r369560.
For FreeBSD versions 13.0-RC5 before p1, update to a version after p1.
For FreeBSD versions 12.2-RELEASE before p6, update to a version after p6.
For FreeBSD versions 11.4-RELEASE before p9, update to a version after p9.
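A triage sketch for the two conditions above (a jail with allow.mount, and a release below the fixed patch level), added here as an example and not taken from the advisory or from FreeBSD. It assumes `jls -n` prints booleans as `allow.mount` / `allow.nomount` tokens and that `freebsd-version` strings look like `12.2-RELEASE-p4`; the function names and sample lines are constructed.

```shell
#!/bin/sh
# Added example: exposure triage for CVE-2020-25584. Sample input is constructed.

# Read `jls -n` style lines on stdin and print the name of every jail that
# carries the exact token allow.mount. Sub-permissions such as
# allow.mount.nodevfs or allow.mount.devfs are different tokens and do not
# match; allow.nomount is the default (disabled) state.
jails_with_allow_mount() {
    awk '{
        name = ""; hit = 0
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^name=/) name = substr($i, 6)
            if ($i == "allow.mount") hit = 1
        }
        if (hit) print name
    }'
}

# Classify a release string against the patch levels listed under
# "Affected Versions" (affected = before pN). -STABLE branches are tracked by
# revision, which the version string does not carry, so they print "unknown".
# Prints: patched | vulnerable | unknown
release_status() {
    ver=$1
    case $ver in
        13.0-RC5*)     fixed=1 ;;
        12.2-RELEASE*) fixed=6 ;;
        11.4-RELEASE*) fixed=9 ;;
        *) echo unknown; return ;;
    esac
    case $ver in
        *-p[0-9]*) level=${ver##*-p} ;;
        *)         level=0 ;;   # no -pN suffix means patch level 0
    esac
    if [ "$level" -ge "$fixed" ]; then echo patched; else echo vulnerable; fi
}

# Constructed sample of two jails; only "build" has allow.mount enabled.
SAMPLE='jid=1 name=web allow.nomount allow.mount.nodevfs enforce_statfs=2
jid=2 name=build allow.mount allow.mount.devfs enforce_statfs=1'

# On a real host: jls -n | jails_with_allow_mount
#                 release_status "$(freebsd-version -k)"
```

A host is only exposed when both checks hit: at least one jail listed and a status of `vulnerable` (or an unverified -STABLE revision).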

Fix

Race Condition

Weakness Enumeration

Related Identifiers

CVE-2020-25584
FREEBSD-SA-21_10

Affected Products

FreeBSD