Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-0541

fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.

Related bugs and status

CVE-2011-0541 (Candidate) is related to these bugs:

Bug #670622: fusermount allows unmount any filesystem

		In	Importance	Status
670622	fusermount allows unmount any filesystem	fuse (Ubuntu)	Medium	Fix Released
670622	fusermount allows unmount any filesystem	fuse (Debian)	Unknown	Fix Released
670622	fusermount allows unmount any filesystem	fuse (Fedora)	Low	Fix Released
670622	fusermount allows unmount any filesystem	fuse (Suse)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://lists.opensuse....
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://fuse.git.source...