FUSE 2.x prior to 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fuse fuse 2.2 |
||
fuse fuse 2.2.1 |
||
fuse fuse 2.3_pre |
||
fuse fuse 2.3_rc1 |