Detections
Analytics

FreeBSD : FreeBSD -- jail_remove(2) fails to kill all jailed processes (31ad2f10-7711-11eb-b87a-901b0ef719ab)

high Nessus Plugin ID 146846

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Due to a race condition in the jail_remove(2) implementation, it may fail to kill some of the processes. Impact : A process running inside a jail can avoid being killed during jail termination. If a jail is subsequently started with the same root path, a lingering jailed process may be able to exploit the window during which a devfs filesystem is mounted but the jail's devfs ruleset has not been applied, to access device nodes which are ordinarily inaccessible. If the process is privileged, it may be able to escape the jail and gain full access to the system.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?34171a21

Plugin Details

Severity: High

ID: 146846

File Name: freebsd_pkg_31ad2f10771111ebb87a901b0ef719ab.nasl

Version: 1.3

Type: local

Published: 2/25/2021

Updated: 4/6/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 8.5

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2020-25581

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freebsd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 2/25/2021

Vulnerability Publication Date: 2/24/2021

Reference Information

CVE: CVE-2020-25581

FreeBSD: SA-21:04.jail_remove