Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3995

Опубликовано: 23 авг. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.5

Описание

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

released

2.37.2-4ubuntu2
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

2.34-0.1ubuntu9.3
esm-infra/xenial

not-affected

code not present
focal

released

2.34-0.1ubuntu9.3
impish

released

2.36.1-8ubuntu2.2
jammy

released

2.37.2-4ubuntu2
trusty

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 45%
0.00219
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3995

CVSS3: 4.7
redhat
больше 3 лет назад

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

nvd логотип

CVE-2021-3995

CVSS3: 5.5
nvd
почти 3 года назад

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

debian логотип

CVE-2021-3995

CVSS3: 5.5
debian
почти 3 года назад

A logic error was found in the libmount library of util-linux in the f ...

suse-cvrf логотип

openSUSE-SU-2022:0727-1

suse-cvrf
больше 3 лет назад

Security update for libeconf, shadow and util-linux

suse-cvrf логотип

SUSE-SU-2022:0727-1

suse-cvrf
больше 3 лет назад

Security update for libeconf, shadow and util-linux

EPSS

Процентиль: 45%
0.00219
Низкий

5.5 Medium

CVSS3

Уязвимость CVE-2021-3995