CVE-2015-3202

2015-07-02T17:59:03
ID CVE-2015-3202
Type cve
Reporter NVD
Modified 2017-06-30T21:29:15

Description

fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.