Описание
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.
Ссылки
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- Release NotesVendor Advisory
- Broken LinkThird Party Advisory
- ExploitMailing ListPatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- Release NotesVendor Advisory
- Broken LinkThird Party Advisory
- ExploitMailing ListPatchThird Party Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
Дефекты
Связанные уязвимости
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.
A logic error was found in the libmount library of util-linux in the f ...
Уязвимость стандартного пакета служебных утилит командной строки util-linux, связанная с некорректными разрешениями и привилегиями доступа, позволяющая нарушителю обойти введенные ограничения безопасности
Security update for libeconf, shadow and util-linux
EPSS
5.5 Medium
CVSS3