4 matches found
PT-2026-21819
By default, jailed processes cannot mount filesystems, including nullfs4. However, the allow.mount.nullfs option enables mounting nullfs filesystems, subject to privilege checks. If a privileged user within a jail is able to nullfs-mount directories, a limitation of the kernel's path lookup logic...
PT-2026-21820
Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description A critical flaw exists in FreeBSD that allows a jailed process to escape its confinement. Successful exploitation of this issue can lead to full filesystem access, effectively breaking the...
OSEC-2026-02 ARP unbounded memory usage
Background Mirage's implementation of the ARP protocol RFC826 caches ARP replies to construct an IPv4 address - MAC address cache. This cache is long-lived effectively global, and also contains pending ARP requests, which are replaced by the reply, or deleted after a timeout. ARP replies that do...
PT-2025-46559
Name of the Vulnerable Software and Affected Versions sudo affected versions not specified Description The rust rewrite of sudo contains a new issue allowing authentication bypass. This does not affect users utilizing nanos unikernels. Recommendations At the moment, there is no information about ...