fusermount in FUSE prior to 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 8.0 |
||
fuse project fuse |