VYPR

rpm package

opensuse/fuse&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/fuse&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2015-3202Jul 2, 2015
    affected < 2.9.5-1.6fixed 2.9.5-1.6

    fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.

  • CVE-2011-0541Sep 2, 2011
    affected < 2.9.5-1.6fixed 2.9.5-1.6

    fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.