Versions Affected : All verisons prior to FreeNAS 11.3-U2
Incorrect use of a potentially user-controlled pointer in the kernel allowed vnet jailed users to panic the system and potentially execute aribitrary code in the kernel.
Users with root level access (or the PRIV_NET_IFCREATE privilege) can panic the system, or potentially escape the jail or execute arbitrary code with kernel priviliges.
No workaround is available. Systems not using epair(4) are not vulnerable.
- Upgrade to FreeNAS 11.3-U2 or later.