Unrated severityNVD Advisory· Published Jun 3, 2005· Updated Apr 16, 2026

CVE-2005-1858

Description

FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.

Affected products

Fuse/Fuse4 versions
cpe:2.3:a:fuse:fuse:2.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:fuse:fuse:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:fuse:fuse:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:fuse:fuse:2.3_pre:*:*:*:*:*:*:*
- cpe:2.3:a:fuse:fuse:2.3_rc1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/15561/nvdPatchVendor Advisory
bugs.debian.org/311634nvdVendor Advisory
sourceforge.net/project/shownotes.phpnvdVendor Advisory
www.osvdb.org/17042nvdVendor Advisory
www.sven-tantau.de/public_files/fuse/fuse_20050603.txtnvdVendor Advisory
secunia.com/advisories/16024nvd
securitytracker.com/idnvd
www.debian.org/security/2005/dsa-744nvd
www.securityfocus.com/bid/13857nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000