MDVSA-2013:155 -- Mandriva fuseID: oval:org.secpod.oval:def:1300190 | Date: (C)2013-05-08 (M)2022-10-10 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in fuse: FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789 . The updated packages have been patched to correct this issue.
Platform: |
Mandriva Enterprise Server 5.2 |