Re: FreeBSD Security Advisory FreeBSD-SA-24:02.tty

Reply: Eugene Grosbein : "Re: FreeBSD Security Advisory FreeBSD-SA-24:02.tty"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Andrea Venturoli <ml_at_netfence.it>
Date: Wed, 14 Feb 2024 08:55:23 UTC

On 2/14/24 08:07, FreeBSD Security Advisories wrote:
> =============================================================================
> FreeBSD-SA-24:02.tty                                        Security Advisory
>                                                            The FreeBSD Project
> 
> Topic:          jail(2) information leak
> 
> Category:       core
> Module:         jail
> Announced:      2024-02-14
> Credits:        Pawel Jakub Dawidek
> Affects:        All supported versions of FreeBSD.
> Corrected:      2024-02-12 16:25:54 UTC (stable/14, 14.0-STABLE)
>                  2024-02-14 06:05:46 UTC (releng/14.0, 14.0-RELEASE-p5)
>                  2024-02-12 16:27:37 UTC (stable/13, 13.2-STABLE)
>                  2024-02-14 06:06:01 UTC (releng/13.2, 13.2-RELEASE-p10)
> CVE Name:       CVE-2024-25941

Hello.

Sorry for my dumbness, but I fail to understand the severity of this 
problem.
Is it like drop-everything-and-patch-yesterday or 
take-it-easy-and-do-it-when-you-can?

How could the extracted info (tty list) be used?

  bye & Thanks
	av.