CVE-2021-3995

Published: 23/08/2022 Updated: 07/01/2024

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local malicious user to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kernel util-linux
fedoraproject fedora 35

The Qualys Research Labs discovered two vulnerabilities in util-linux's libmount These flaws allow an unprivileged user to unmount other users' filesystems that are either world-writable themselves or mounted in a world-writable directory (CVE-2021-3996), or to unmount FUSE filesystems that belong to certain other users (CVE-2021-3995) For the st ...

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form An attacker may use ...

ALAS-2022-218 Amazon Linux 2022 Security Advisory: ALAS-2022-218 Advisory Release Date: 2022-12-06 16:41 Pacific ...

Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu In this advisory,they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu Server (a local privilege escalation, from any user to r ...

Hello Can someone clarify CVE-2021-44730 dependency on hardlinking? This passage: Why it isn't possible to copy the snap-confine binary into a directory for the same effect -- instead of hardlinking it? I cannot see how hardlink is different from a simple copy in this context Thanks! Feb 17, 2022, 19:47 by qsa () qualys com: ...

Hi all, We discovered two vulnerabilities (unauthorized unmounts) in util-linux's libmount, CVE-2021-3996 and CVE-2021-3995 Patches are now available at (many thanks to Karel Zak, Red Hat Product Security, and the members of linux-distros@openwall): githubcom/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb ...

Qualys Security Advisory Oh Snap! More Lemmings (Local Privilege Escalation in snap-confine) ======================================================================== Contents ======================================================================== Summary Two minor bugs An unexploitable bug CVE-2021-44730: Hardlink attack in snap-confine's sc_o ...

SRE Labs This repository contains: the source code to implement a standalone HTTP web application a dockerfile to containerize the service an helm chart for the service an helm chart to install kube-prometheus-stack with an easy example of dashboard and alert a script to automate the provisioning of a local Kubernetes cluster Requirements You should have installed at least:

CWE-552 https://bugzilla.redhat.com/show_bug.cgi?id=2024631https://access.redhat.com/security/cve/CVE-2021-3995 https://github.com/util-linux/util-linux/commit/57202f5713afa2af20ffbb6ab5331481d0396f8d https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes https://www.openwall.com/lists/oss-security/2022/01/24/2 http://www.openwall.com/lists/oss-security/2022/11/30/2 http://seclists.org/fulldisclosure/2022/Dec/4 http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html https://security.netapp.com/advisory/ntap-20221209-0002/https://security.gentoo.org/glsa/202401-08 https://nvd.nist.gov https://www.debian.org/security/2022/dsa-5055

CVE-2021-3995

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect