Red Hat Security Advisory 2011-1083-01 - FUSE can implement a fully functional file system in a user-space program. These packages provide the mount utility, fusermount, the tool used to mount FUSE file systems. Multiple flaws were found in the way fusermount handled the mounting and unmounting of directories when symbolic links were present. A local user in the fuse group could use these flaws to unmount file systems, which they would otherwise not be able to unmount and that were not mounted using FUSE, via a symbolic link attack.
570a3ac9c4d8ba47567744f3a2508ef5c64019b15a6120d40f7b53ce18ed1cd0Ubuntu Security Notice 1077-1 - It was discovered that FUSE would incorrectly follow symlinks when checking mountpoints under certain conditions. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.
7abc581d95fd6fa91f14b15d1919d17c1f65a3f627fcc6b20f76aa12c42d3cce
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed