First published: Fri Sep 02 2011(Updated: )
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fuse Fuse | =2.4.2 | |
Fuse Fuse | =2.6.0 | |
Fuse Fuse | =2.4.1 | |
Fuse Fuse | =2.2 | |
Fuse Fuse | =2.6.5 | |
Fuse Fuse | =2.7.0 | |
Fuse Fuse | =2.7.4 | |
Fuse Fuse | =2.3.0 | |
Fuse Fuse | =2.4.0 | |
Fuse Fuse | =2.6.3 | |
Fuse Fuse | =2.5.3 | |
Fuse Fuse | =2.3-pre | |
Fuse Fuse | =2.0-pre1 | |
Fuse Fuse | =2.8.1 | |
Fuse Fuse | =2.2.1 | |
Fuse Fuse | =2.5.1 | |
Fuse Fuse | =2.7.1 | |
Fuse Fuse | =2.8.2 | |
Fuse Fuse | =2.7.2 | |
Fuse Fuse | =2.1 | |
Fuse Fuse | =2.8.0 | |
Fuse Fuse | =2.5.2 | |
Fuse Fuse | <=2.8.5 | |
Fuse Fuse | =1.9 | |
Fuse Fuse | =2.7.5 | |
Fuse Fuse | =2.7.6 | |
Fuse Fuse | =2.5.0 | |
Fuse Fuse | =2.6.1 | |
Fuse Fuse | =2.8.4 | |
Fuse Fuse | =2.8.3 | |
Fuse Fuse | =2.0-pre0 | |
Fuse Fuse | =2.7.3 | |
Fuse Fuse | =2.3-rc1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.