Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3996

Опубликовано: 23 авг. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.5

Описание

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

released

2.37.2-4ubuntu2
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

2.34-0.1ubuntu9.3
esm-infra/xenial

not-affected

code not present
focal

released

2.34-0.1ubuntu9.3
impish

released

2.36.1-8ubuntu2.2
jammy

released

2.37.2-4ubuntu2
trusty

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 45%
0.00218
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3996

CVSS3: 5.5
redhat
больше 3 лет назад

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

nvd логотип

CVE-2021-3996

CVSS3: 5.5
nvd
почти 3 года назад

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

debian логотип

CVE-2021-3996

CVSS3: 5.5
debian
почти 3 года назад

A logic error was found in the libmount library of util-linux in the f ...

fstec логотип

BDU:2022-00589

CVSS3: 3.3
fstec
больше 3 лет назад

Уязвимость стандартного пакета служебных утилит командной строки util-linux, связанная с некорректными разрешениями и привилегиями доступа, позволяющая нарушителю обойти введенные ограничения безопасности

suse-cvrf логотип

openSUSE-SU-2022:0727-1

suse-cvrf
больше 3 лет назад

Security update for libeconf, shadow and util-linux

EPSS

Процентиль: 45%
0.00218
Низкий

5.5 Medium

CVSS3