发布时间: 2022年2月26日
修改时间: 2024年10月31日
A logical error was found in util-linux's libmount library in a function that allows unprivileged users to unmount FUSE filesystems. Incorrect uid checking allows unprivileged users to unmount FUSE filesystems with similar uid users, an attacker could exploit this vulnerability to cause a denial of service to applications using the affected filesystem.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | None | None |
| Attack Vector | Local | Local |
| CVSS评分 | 5.5 | 4.7 |
| Attack Complexity | Low | High |
| Privileges Required | Low | Low |
| Scope | Unchanged | Unchanged |
| Integrity | None | None |
| User Interaction | None | None |
| Availability | High | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2022-1238 | util-linux security update | 2022年2月26日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | util-linux | Fixed |
| KY3.4-5A | util-linux | Fixed |
