Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Gentoo Security Advisory GLSA 201603-04

Information

Severity

Severity

Low

Family

Family

Gentoo Local Security Checks

CVSSv2 Base

CVSSv2 Base

3.6

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

8 years ago

Modified

Modified

5 years ago

Summary

Gentoo Linux Local Security Checks GLSA 201603-04

Insight

Insight

The fusermount binary calls setuid(geteuid()) to reset the RUID when it invokes /bin/mount so that it can use privileged mount options that are normally restricted if RUID != EUID. FUSE does not properly clear environment variables before invoking mount or umount as root allowing this to be passed to operations using elevated privileges such as LIBMOUNT_MTAB that is used by the mount commands debugging feature.

Solution

Solution

Update the affected packages to the latest available version.

Common Vulnerabilities and Exposures (CVE)