First published: Tue Aug 23 2022(Updated: )
A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kernel Util-linux | >=2.34<2.37.3 | |
Fedoraproject Fedora | =35 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this logic error is CVE-2021-3995.
The severity of CVE-2021-3995 is medium with a CVSS score of 5.5.
This vulnerability allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users with a UID prefix match.
Versions of util-linux up to and including 2.37.3 and Fedora 35 are affected by CVE-2021-3995.
Yes, here are some references for CVE-2021-3995: [link1](http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html), [link2](http://seclists.org/fulldisclosure/2022/Dec/4), [link3](http://www.openwall.com/lists/oss-security/2022/11/30/2).