Versions Affected : All verisons prior to FreeNAS 11.3-U1


Description

VFS option processing related to the nmount(2) system call was missing a length check.

This is generally only available to privileged users unless the vfs.usermount sysctl is changed from the default to allow non-privileged users the ability to mount file systems.


Workaround

No workaround is available. However, if the vfs.usermount sysctl has been changed to allow non-privileged users the ability to mount file systems, switching back to the default value of 0 will prevent non-privileged users from triggering the issue.


Mitigation

  • Upgrade to FreeNAS 11.3-U1 or later

Commit


Further information