CVE-2010-2020 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2020): sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
should be fixed in 8.2