CVE-2011-0542 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Fuse

CWE-264 CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer15 documents8 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 81.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Fuse Fuse

Timeline

PublishedSep 2

Latest updateMay 17

Description

fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umount, which allows local users to unmount arbitrary directories via unspecified vectors.

CVSS vector

AV:L/AC:M/C:N/I:P/A:PExploitability: 3.4 | Impact: 4.9

Affected Packages2 packages

▶Debianredhat/fuse< 2.8.5-1+2

▶NVDfuse/fuse2.8.5+30

Patches

Patch: www.openwall.com ↗Patch: www.openwall.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

GHSA

GHSA-w2gc-fxmq-hpfh: fusermount in fuse 2↗2022-05-17

▶

OSV

CVE-2011-0542: fusermount in fuse 2↗2011-09-02

▶

CVEList

CVE-2011-0542: fusermount in fuse 2↗2011-09-02

▶

📋Vendor Advisories

Red Hat

kernel: drivers/scsi/mpt2sas: prevent heap overflows↗2011-04-05

▶

Red Hat

kernel: fs/partitions: Corrupted OSF partition table infoleak↗2011-03-15

▶

Red Hat

kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab↗2011-03-05

▶

Ubuntu

FUSE vulnerabilities↗2011-02-28

▶

Red Hat

kernel: fs/partitions: Validate map_count in Mac partition tables↗2011-02-17

▶

💬Community

Bugzilla

CVE-2011-0999 kernel: thp: prevent hugepages during args/env copying into the user stack↗2011-02-17

▶

Bugzilla

CVE-2010-3879 CVE-2011-0541 CVE-2011-0542 CVE-2011-0543 fuse: unprivileged user can unmount arbitrary locations via symlink attack↗2010-11-08

▶