Filesystem Access Vulnerability in FreeBSD Jails by FreeBSD
CVE-2025-15576

7.5 HIGH

Key Information:

Vendor: FreeBSD

Status
Vendor
CVE Published: 9 March 2026

What is CVE-2025-15576?

A vulnerability exists in FreeBSD Jails where processes confined in sibling jails may inadvertently gain access to shared directories through improperly configured nullfs mounts. If an administrator has set up a nullfs mount between two sibling jails, processes within those jails can exchange directory descriptors over a Unix domain socket. A process that receives such a descriptor can initiate a filesystem name lookup that traverses outside its designated chroot environment, granting it access to restricted files and directories. Administrators must manage file descriptor exchanges carefully, especially for unprivileged users, to prevent unauthorized access even in the presence of security updates.

Affected Version(s)

FreeBSD 14.3-RELEASE

FreeBSD 13.5-RELEASE

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved