CVE-2021-3996

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions util-linux (affected versions not specified)

Description A logic error was found in the libmount library of util-linux, allowing an unprivileged user to unmount a FUSE filesystem. This flaw enables a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems. The vulnerability is related to incorrect permissions and access privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-552

Related Identifiers

ALT-PU-2022-1123

ALT-PU-2022-3036

BDU:2022-00589

CVE-2021-3996

DSA-5055-1

JLSEC-2025-193

MGASA-2022-0076

OESA-2022-1536

OPENSUSE-SU-2022:0727-1

OPENSUSE-SU-2022_0727-1

OPENSUSE-SU-2024:11784-1

SUSE-SU-2022:0727-1

SUSE-SU-2022:0727-2

USN-5279-1

Affected Products

Alt Linux

Linuxmint

Red Os

Suse

Ubuntu

Util-Linux

CVE-2021-3996

Weakness Enumeration

Related Identifiers

Affected Products

References · 59