CVE-2025-15576
CVE-2025-15576 describes a jail/chroot escape in FreeBSD. When two sibling jails are restricted to separate filesystem trees, processes in the two jails can still exchange directory descriptors via a unix domain socket and access a shared directory mounted with nullfs. During a filesystem name lo...