CVE-2015-3202

Publication date 21 May 2015

Last updated 24 July 2024

fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
fuse	15.04 vivid	Fixed 2.9.2-4ubuntu4.15.04.1
	14.10 utopic	Fixed 2.9.2-4ubuntu4.14.10.1
	14.04 LTS trusty	Fixed 2.9.2-4ubuntu4.14.04.1
	12.04 LTS precise	Fixed 2.8.6-2ubuntu2.1
ntfs-3g	15.04 vivid	Fixed 1:2014.2.15AR.3-1ubuntu0.2
	14.10 utopic	Not affected
	14.04 LTS trusty	Not affected
	12.04 LTS precise	Not affected

Notes

mdeslaur

ntfs-3g in vivid+ is built with an embedded fuse library instead of the system one original ntfs-3g patch was incomplete

References

Related Ubuntu Security Notices (USN)

USN-2617-1
FUSE vulnerability
21 May 2015

USN-2617-2
NTFS-3G vulnerability
22 May 2015

USN-2617-3
NTFS-3G vulnerability
27 May 2015

Other references

https://www.cve.org/CVERecord?id=CVE-2015-3202