FreeBSD Security Advisory - The device file system, or devfs(5), provides access to kernel's device namespace in the global file system namespace. The devfs(5) rule subsystem provides a way for the administrator of a system to control the attributes of DEVFS nodes. Each DEVFS mount-point has a ruleset, or a list of rules, associated with it, allowing the administrator to change the properties, including the visibility, of certain nodes. The default devfs rulesets are not loaded on boot, even when jails are used. Device nodes will be created in the jail with their normal default access permissions, while most of them should be hidden and inaccessible. Jailed processes can get access to restricted resources on the host system. For jailed processes running with superuser privileges this implies access to all devices on the system. This level of access could lead to information leakage and privilege escalation.
11eb5a639867c386d3ee69127a1dd822508bbf87a2d5ddc4948fe6662d5078ff