Get a Quote   (408) 943-4100               TrueNAS Discord      VendOp_Icon_15x15px   Commercial Support

Versions Affected : All verisons prior to FreeNAS 11.3-U2


A missing NUL-termination check for the jail_set(2) configration option “osrelease” may return more bytes when reading the jail configuration back with jail_get(2) than were originally set.

For jails with a non-default setting of children.max > 0 (“nested jails”) a superuser inside a jail can create a jail and may be able to read and take advantage of exposed kernel memory.


No workaround is available. Systems not altering the default settings of the jail configuration option children.max=0 are not affected as a root on the base system has ccess to kernel memory by other means and a super user inside a jail cannot create further jails.


  • Upgrade to FreeNAS 11.3-U2 or later.


Further information