CVE-2021-3995
Published: 1 February 2022
Unauthorized unmount of FUSE filesystems belonging to users with similar uid
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
util-linux Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
| focal |
Released
(2.34-0.1ubuntu9.3)
|
|
| impish |
Released
(2.36.1-8ubuntu2.2)
|
|
| jammy |
Released
(2.37.2-4ubuntu2)
|
|
| trusty |
Not vulnerable
(code not present)
|
|
| upstream |
Released
(2.37.3-1)
|
|
| xenial |
Not vulnerable
(code not present)
|
Notes
| Author | Note |
|---|---|
| sbeattie | introduced in 5fea669e9ef0a08804f72bb40f859f239f68c30a (v2.34) |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
- https://www.openwall.com/lists/oss-security/2022/01/24/2
- https://ubuntu.com/security/notices/USN-5279-1
- NVD
- Launchpad
- Debian