CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-25582

In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working directory is changed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.2%

CVSS Severity

CVSS v3 Score 8.7

CVSS v2 Score 8.5

References

https://security.FreeBSD.org/advisories/FreeBSD-SA-21:05.jail_chdir.asc
https://security.netapp.com/advisory/ntap-20210423-0003/
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:05.jail_chdir.asc
https://security.netapp.com/advisory/ntap-20210423-0003/

Products affected by CVE-2020-25582

Freebsd » Freebsd » Version: 11.4

cpe:2.3:o:freebsd:freebsd:11.4
Freebsd » Freebsd » Version: 12.2

cpe:2.3:o:freebsd:freebsd:12.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25582

Products

Pricing

Contact Us