FreeBSD procfs Jail Breaking Vulnerability

procfs is the filesystem interface to the process table in the FreeBSD operating system. A problem exists that could allow a user confined to a jail to break out of it.

The problem lies in the ability of jailed users to mount the process filesystem. A user restricted by the jail can break free by mounting the process filesystem and using weaknesses within the filesystem to execute arbitrary commands. This makes it possible for a local user with superuser access in the jailed environment to execute commands outside of the jail, and possibly gain unrestricted access to the system.
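An added audit example, not part of the original advisory: because the escape described above depends on procfs being mounted from inside a jail, this shell function flags procfs mounts that sit under a jail root. The jail root paths and the sample `mount -p` text are constructed assumptions, and jail roots are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example: flag procfs mounts located inside a jail root.
# Input is fstab(5)-style text, the format FreeBSD's `mount -p` prints:
#   device  mountpoint  fstype  options  dump  pass

# procfs_in_jails MOUNT_TEXT JAIL_ROOT...
# Prints "jailroot mountpoint" for every procfs mount under a jail root.
procfs_in_jails() {
    mounts=$1
    shift
    printf '%s\n' "$mounts" | awk -v roots="$*" '
        BEGIN { n = split(roots, root, " ") }
        $3 == "procfs" {
            for (i = 1; i <= n; i++) {
                r = root[i]
                sub(/\/+$/, "", r)      # normalise a trailing slash
                # Match the root itself or a path strictly below it, so
                # /usr/jail/www does not match /usr/jail/www2/proc.
                if ($2 == r || index($2, r "/") == 1)
                    print r, $2
            }
        }'
}

# Constructed sample of `mount -p` output (not taken from a real host).
SAMPLE_MOUNTS='/dev/ad0s1a / ufs rw 1 1
procfs /proc procfs rw 0 0
/dev/ad0s1e /usr ufs rw 2 2
procfs /usr/jail/www/proc procfs rw 0 0
procfs /usr/jail/www2/proc procfs rw 0 0'

# Hypothetical jail roots; on a live host pass "$(mount -p)" instead
# of the sample and the roots of the jails you actually run.
procfs_in_jails "$SAMPLE_MOUNTS" /usr/jail/www /usr/jail/db
```

The host's own `/proc` is not reported; only mounts below one of the listed jail roots are.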


