Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-0543

Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.

Related bugs and status

CVE-2011-0543 (Candidate) is related to these bugs:

Bug #670622: fusermount allows unmount any filesystem

		In	Importance	Status
670622	fusermount allows unmount any filesystem	fuse (Ubuntu)	Medium	Fix Released
670622	fusermount allows unmount any filesystem	fuse (Debian)	Unknown	Fix Released
670622	fusermount allows unmount any filesystem	fuse (Fedora)	Low	Fix Released
670622	fusermount allows unmount any filesystem	fuse (Suse)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://lists.opensuse....
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://fuse.git.source...