Veracode Vulnerability DatabaseVERACODE:33917Denial Of Service (DoS)
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
util-linux is vulnerable to denial of service. The vulnerability exists due to a logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem.
References
packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html
seclists.org/fulldisclosure/2022/Dec/4
www.openwall.com/lists/oss-security/2022/11/30/2
bugzilla.redhat.com/show_bug.cgi?id=2024631https://access.redhat.com/security/cve/CVE-2021-3995
github.com/util-linux/util-linux/commit/57202f5713afa2af20ffbb6ab5331481d0396f8d
mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
security-tracker.debian.org/tracker/CVE-2021-3995
security.netapp.com/advisory/ntap-20221209-0002/
www.openwall.com/lists/oss-security/2022/01/24/2
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H