LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

fuse: denial of service

Package(s):fuse CVE #(s):CVE-2010-3879
Created:January 20, 2011 Updated:April 29, 2013
Description:

From the Ubuntu advisory:

It was discovered that FUSE could be tricked into incorrectly updating the mtab file when mounting filesystems. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.

Alerts:
Scientific Linux SL-fuse-20110720 2011-07-20
Red Hat RHSA-2011:1083-01 2011-07-20
SUSE SUSE-SR:2011:005 2011-04-01
openSUSE openSUSE-SU-2011:0264-1 2011-03-31
openSUSE openSUSE-SU-2011:0265-1 2011-03-31
Fedora FEDORA-2011-0854 2011-01-28
Ubuntu USN-1045-2 2011-01-19
Ubuntu USN-1045-1 2011-01-19
Mageia MGASA-2012-0339 2012-11-23
Mandriva MDVSA-2013:155 2013-04-29
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds