CVE-2021-3996

CVE-2021-3996

Vendor N/A

Product util-linux

Weakness CWE-552 · Files accessible externally

Published August 23, 2022

Last update October 15, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

Key dates

02Disclosure timeline

August 23, 2022 CVE published

October 15, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-3996

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE