CVE-2005-2218

FreeBSD 5.x - Unprotected Device Node Exposure via devfs Parameter Check Bypass

Title source: llm

Description

The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process.

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14334

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/18123

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/21451

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/16145

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014536

Various Sources vendor-advisory x_refsource_freebsd

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:17.devfs.asc

Scores

EPSS 0.0006

EPSS Percentile 20.2%

Details

Status published

Products (6)

freebsd/freebsd 5.0 (4 CPE variants)

freebsd/freebsd 5.1 (5 CPE variants)

freebsd/freebsd 5.2

freebsd/freebsd 5.2.1 (3 CPE variants)

freebsd/freebsd 5.3 (4 CPE variants)

freebsd/freebsd 5.4 (4 CPE variants)

Published Jul 26, 2005

Tracked Since Feb 18, 2026