CVE-2010-0789: fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.

low3.3CVSS 3.1

AVLACMAuNCNIPAP

fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.

Affected

32 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	fuse	< fuse 2.8.1-1.2 (bookworm)	fuse 2.8.1-1.2 (bookworm)
debian	fuse	< fuse 2.8.5-1 (bookworm)	fuse 2.8.5-1 (bookworm)
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—
fuse	fuse	—	—

CVSS provenance

nvd5.8MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:P

osv3.3LOW