diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -4847,13 +4847,19 @@
 	vfsp->vfc_prison_flag = prison_add_allow("mount", vfsp->vfc_name,
 	    NULL, NULL);
 #else
-	char *descr;
+	static const char fmtstring[] = "Jail may mount the %s file system";
+	char descr[sizeof(fmtstring) + sizeof(vfsp->vfc_name)];
 
-	(void)asprintf(&descr, M_TEMP, "Jail may mount the %s file system",
-	    vfsp->vfc_name);
+	/*
+	 * Mostly defending against vfc_name somehow being turned into a
+	 * pointer, but that seems unlikely.
+	 */
+	_Static_assert(sizeof(vfsp->vfc_name) >= MFSNAMELEN,
+	    "vfc_name expected to be an array");
+
+	(void)snprintf(descr, sizeof(descr), fmtstring, vfsp->vfc_name);
 	vfsp->vfc_prison_flag = prison_add_allow("mount", vfsp->vfc_name,
 	    NULL, descr);
-	free(descr, M_TEMP);
 #endif
 }