5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.3%
A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount.
parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to,
unmount other users’ filesystems that are either writable or
mounted in a writable directory
A vulnerability in the standard util-linux command line utility package is related to an incorrect
UID checking in libmount. Exploitation of the vulnerability could allow an attacker to unmount the file systems of FUSE users with similar UIDs.
FUSE file systems of users with a similar UID
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | util-linux | <= 2.37.3-1 | UNKNOWN |
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.3%