NewStart CGSL MAIN 6.06 (SP) : fuse Multiple Vulnerabilities (NS-SA-2026-0006)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has fuse packages installed that are affected by multiple vulnerabilities: - fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over...

EUVD-2005-3530

Malware in sbrugna...

EUVD-2011-0560

Malware in sbrugna...

NewStart CGSL MAIN 6.06 : fuse Multiple Vulnerabilities (NS-SA-2025-0207)

The remote NewStart CGSL host, running version MAIN 6.06, has fuse packages installed that are affected by multiple vulnerabilities: - fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a...

Linux Distros Unpatched Vulnerability : CVE-2015-3202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to...

SUSE CVE-2005-3531

fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters...

SUSE CVE-2010-0789

fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint...

SUSE CVE-2011-0542

fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umount, which allows local users to unmount arbitrary directories via unspecified vectors...

SUSE CVE-2011-0543

Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...

SUSE CVE-2015-3202

fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...

Advisory ROSA-SA-2021-1837

Software: fuse 2.9.2 OS: Cobalt 7.9 CVE-ID: CVE-2015-3202 CVE-Crit: HIGH CVE-DESC: fusermount in FUSE before 2.9.3-15 incorrectly clears the environment before calling 1 mount or 2 umount as root user, which allows local users to write arbitrary files via a created environment variable...

SUSE: Security Advisory (SUSE-SU-2018:3219-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

In fuse before versions 2.9.8 and 3.x before 3.2.5 fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system accessible by other users and trick them into accessing files on that file system possibly causing Denial of Service or other unspecified effects.

...

Privilege Escalation

fuse is vulnerable to privilege escalation. The vulnerability exists through the way fusermount handled the mounting and unmounting of directories when symbolic links were present. A local user in the fuse group could use these flaws to unmount file systems, which they would otherwise not be able...

Privilege Escalation

fuse is vulnerable to privilege escalation. The vulnerability exists through the way fusermount handled the mounting and unmounting of directories when symbolic links were present. A local user in the fuse group could use these flaws to unmount file systems, which they would otherwise not be able...

Huawei EulerOS: Security Advisory for fuse (EulerOS-SA-2019-1186)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for fuse (EulerOS-SA-2019-1607)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for fuse (EulerOS-SA-2018-1409)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : fuse Vulnerability (NS-SA-2019-0073)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has fuse packages installed that are affected by a vulnerability: - A vulnerability was discovered in fuse. When SELinux is active, fusermount is vulnerable to a restriction bypass. This allows non-root users to mount a FUSE fi...

EulerOS 2.0 SP5 : fuse (EulerOS-SA-2019-1287)

According to the version of the fuse packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was discovered that fusermount failed to properly sanitize its environment before executing mount and umount commands. A local user could possibly...