Summary: | <sys-fs/fuse-2.9.4: incorrect filtering of environment variables leading to privilege escalation (CVE-2015-3202) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | arm64, radhermit |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1224103 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=607912 | ||
Whiteboard: | B1 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-05-22 09:51:20 UTC
Maintainers: version 2.9.4 is available and fixes the vulnerability. Arches please stabilize 2.9.4. amd64 stable Stable for HPPA. x86 stable Stable for PPC64. ppc stable arm stable alpha stable ia64 stable CVE-2015-3202 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3202): fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature. sparc stable Since arm64 is not part of the stable arches, we will leave it for stabilization in due time but meanwhile we are going to go ahead with the GLSA. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s). It has been 30 days+ since cleanup requested. Maintainer(s), please drop the vulnerable version(s). Maintainer(s), please drop the vulnerable version(s). (In reply to Yury German from comment #15) > Maintainer(s), please drop the vulnerable version(s). Done. Maintainer(s), Thank you for your work. This issue was resolved and addressed in GLSA 201603-04 at https://security.gentoo.org/glsa/201603-04 by GLSA coordinator Kristian Fiskerstrand (K_F). |