NTFS-3G vulnerability

2015-05-22T00:00:00
ID USN-2617-2
Type ubuntu
Reporter Ubuntu
Modified 2015-05-22T00:00:00

Description

USN-2617-1 fixed a vulnerability in FUSE. This update provides the
corresponding fix for the embedded FUSE copy in NTFS-3G.

Original advisory details:

Tavis Ormandy discovered that FUSE incorrectly filtered environment
variables. A local attacker could use this issue to gain administrative
privileges.