Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.
Max CVSS
3.3
EPSS Score
0.04%
Published
2011-09-02
Updated
2023-02-13
fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umount, which allows local users to unmount arbitrary directories via unspecified vectors.
Max CVSS
3.3
EPSS Score
0.04%
Published
2011-09-02
Updated
2023-02-13
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.
Max CVSS
3.3
EPSS Score
0.04%
Published
2011-09-02
Updated
2023-02-13
fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.
Max CVSS
3.3
EPSS Score
0.04%
Published
2010-03-02
Updated
2017-08-17
FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-06-03
Updated
2008-09-05
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!