Versions Affected : All versions prior to TrueNAS 12.0-U2


Description

Insufficient locking in the kernel meant that destroying an epair and a vnet jail at the same time often resulted in panics.

Users with root level access (or the PRIV_NET_IFCREATE privilege) can panic the system.


Workaround

The panic can be avoided by ensuring that epair interfaces are fully destroyed before the vnet jails containing them are destroyed. Systems not using vnet jails are not affected.


Mitigation

  • Upgrade to TrueNAS 12.0-U2 or later.

Commit


Further information