1175 matches found
util-linux: mount fails to anticipate RLIMIT_FSIZE
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMITFSIZE value, a related issue to CVE-2011-1089...
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...
DEBIAN-CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...
Design/Logic Flaw
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...
RHEL 6 : fuse (RHSA-2011:1083)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1083 advisory. FUSE Filesystem in Userspace can implement a fully functional file system in a user-space program. These packages provide the mount utility,...
fuse: unprivileged user can unmount arbitrary locations via symlink attack
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...
PT-2011-1122 · Red Hat · Util-Linux +2
Name of the Vulnerable Software and Affected Versions: fuse versions 2.8.3 through 2.8.5 fuse-devel version 2.8.3 fuse-libs version 2.8.3 fuse-debuginfo version 2.8.3 Description: The issue concerns multiple vulnerabilities in the fuse package of Red Hat Enterprise Linux, which can be exploited...
CVE-2011-1677
mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...
DEBIAN-CVE-2011-1677
mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...
CVE-2011-1677
mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...
CVE-2011-1676
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations...
DEBIAN-CVE-2011-1675
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMITFSIZE value, a related issue to CVE-2011-1089...
CVE-2011-1676
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations...
Memory corruption
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations...
CVE-2011-1675
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMITFSIZE value, a related issue to CVE-2011-1089...
Code injection
mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...
CVE-2011-1675
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMITFSIZE value, a related issue to CVE-2011-1089...
UBUNTU-CVE-2011-1676
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations...