PT-2018-2294 · Filesystem In Userspace+4 · Fuse+4

Jann Horn · Published 2018-07-24 · Updated 2022-03-16 · CVE-2018-10906

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

fuse versions 2.9.8 and earlier
fuse versions 3.x before 3.2.5

Description

The issue is a restriction bypass when SELinux is active: non-root users can mount a FUSE file system with the 'allow_other' mount option, regardless of the 'user_allow_other' setting in the fuse configuration. This could be exploited to mount a FUSE file system that is accessible by other users, potentially causing Denial of Service or other unspecified effects by tricking them into accessing files on that file system.

Recommendations

For fuse versions 2.9.8 and earlier, update to version 2.9.8 or later. For fuse versions 3.x before 3.2.5, update to version 3.2.5 or later.
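
Added example (not part of the original advisory): a defender-side audit that flags FUSE mounts carrying allow_other that were created by a non-root uid while the fuse configuration does not enable user_allow_other. It assumes the standard Linux locations /etc/fuse.conf and /proc/mounts, which the advisory does not name; the sample data is constructed, and a hit is a mount to review, not proof of exploitation.

```python
# Constructed sample inputs (illustrative only, not taken from a real host).
SAMPLE_FUSE_CONF = "# /etc/fuse.conf\n#user_allow_other\nmount_max = 1000\n"
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
fusectl /sys/fs/fuse/connections fusectl rw,relatime 0 0
alice@host:/srv /home/alice/remote fuse.sshfs rw,nosuid,nodev,relatime,user_id=1000,group_id=1000,allow_other 0 0
/dev/fuse /run/user/1001/doc fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001 0 0
lxcfs /var/lib/lxcfs fuse.lxcfs rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other 0 0
"""

def user_allow_other_enabled(conf_text):
    """True if an uncommented user_allow_other line is present."""
    return any(line.split("#", 1)[0].strip() == "user_allow_other"
               for line in conf_text.splitlines())

def suspicious_fuse_mounts(mounts_text, conf_text):
    """Return (mountpoint, uid) for FUSE mounts that carry allow_other and a
    non-root user_id while the configuration does not permit it."""
    if user_allow_other_enabled(conf_text):
        return []  # allow_other by unprivileged users is policy here
    findings = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        mountpoint, fstype, opts = fields[1], fields[2], fields[3].split(",")
        if fstype not in ("fuse", "fuseblk") and not fstype.startswith("fuse."):
            continue  # skips non-FUSE types, including the fusectl control fs
        uid = next((int(o[8:]) for o in opts if o.startswith("user_id=")), None)
        if "allow_other" in opts and uid not in (None, 0):
            findings.append((mountpoint, uid))
    return findings

def read_text(path):
    """Read a file, returning an empty string if it is missing or unreadable."""
    try:
        with open(path) as fh:
            return fh.read()
    except OSError:
        return ""

if __name__ == "__main__":
    hits = suspicious_fuse_mounts(read_text("/proc/mounts"), read_text("/etc/fuse.conf"))
    for mountpoint, uid in hits:
        print(f"review: {mountpoint} mounted by uid {uid} with allow_other")
```

A mount created by root on behalf of a user can also show a non-root user_id, so confirm how each flagged mount was created before treating it as a bypass.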

Exploit · Fix · DoS · Improper Authorization · Improper Privilege Management · Improper Access Control


Weakness Enumeration

Related Identifiers

AZL-34694
AZL-6430
BDU:2019-00421
CESA-2018_3324
CVE-2018-10906
DLA-1468-1
DSA-4257-1
OPENSUSE-SU-2018_3325-1
OPENSUSE-SU-2018_3326-1
RHSA-2018:3324
RHSA-2018_3324
SUSE-SU-2018:3219-1
SUSE-SU-2018:3260-1
SUSE-SU-2018_3219-1
SUSE-SU-2018_3260-1
SUSE-SU-2019:13948-1
SUSE-SU-2019_13948-1
USN-5326-1

Affected Products

CentOS
Red Hat
SUSE
Ubuntu
Fuse