mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 17:59:59 +00:00
Code Issues Projects Releases Wiki Activity
Files
fido
meta-openembedded/meta-filesystems/recipes-support/fuse
T
History
Tudor Florea 6a591c9367 fuse: fix for CVE-2015-3202 Privilege Escalation 
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before
invoking (1) mount or (2) umount as root, which allows local users to write
to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is
used by mount's debugging feature.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3202
http://www.openwall.com/lists/oss-security/2015/05/21/9

Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2015-10-26 21:43:08 +01:00
..
files
fuse: fix for CVE-2015-3202 Privilege Escalation
2015-10-26 21:43:08 +01:00
fuse_2.9.3.bb
fuse: fix for CVE-2015-3202 Privilege Escalation
2015-10-26 21:43:08 +01:00