Joyent, Inc.

2 exploits Active since Sep 2020
CVE-2021-43395 WRITEUP MEDIUM WRITEUP
illumos <f859e7171bb5db34321e45585839c6c3200ebb90 - Info Disclosure
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.
CVSS 5.5
CVE-2020-24718 WRITEUP HIGH WRITEUP
FreeBSD through 12.1 - Missing Authorization in bhyve VMCS/VMCB Operations
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.
CVSS 8.2