Vulnerability Details CVE-2018-10906
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.4%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 4.6
References
- https://access.redhat.com/errata/RHSA-2018:3324
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10906
- https://lists.debian.org/debian-lts-announce/2018/08/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5XYA6PXT5PPWVK7CM7K4YRCYWA37DODB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A253TZWZK6R7PT2S5JIEAQJR2TYKX7V2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BREAIWIK64DRJWHIGR47L2D5YICY4HQ3/
- https://www.debian.org/security/2018/dsa-4257
- https://www.exploit-db.com/exploits/45106/
- https://access.redhat.com/errata/RHSA-2018:3324
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10906
- https://lists.debian.org/debian-lts-announce/2018/08/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5XYA6PXT5PPWVK7CM7K4YRCYWA37DODB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A253TZWZK6R7PT2S5JIEAQJR2TYKX7V2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BREAIWIK64DRJWHIGR47L2D5YICY4HQ3/
- https://www.debian.org/security/2018/dsa-4257
- https://www.exploit-db.com/exploits/45106/
Products affected by CVE-2018-10906
-
cpe:2.3:a:fuse_project:fuse:2.4.0
-
cpe:2.3:a:fuse_project:fuse:2.4.1
-
cpe:2.3:a:fuse_project:fuse:2.4.2
-
cpe:2.3:a:fuse_project:fuse:2.5.0
-
cpe:2.3:a:fuse_project:fuse:2.5.2
-
cpe:2.3:a:fuse_project:fuse:2.5.3
-
cpe:2.3:a:fuse_project:fuse:2.6.0
-
cpe:2.3:a:fuse_project:fuse:2.6.1
-
cpe:2.3:a:fuse_project:fuse:2.6.2
-
cpe:2.3:a:fuse_project:fuse:2.6.3
-
cpe:2.3:a:fuse_project:fuse:2.6.4
-
cpe:2.3:a:fuse_project:fuse:2.6.5
-
cpe:2.3:a:fuse_project:fuse:2.7.0
-
cpe:2.3:a:fuse_project:fuse:2.7.1
-
cpe:2.3:a:fuse_project:fuse:2.7.2
-
cpe:2.3:a:fuse_project:fuse:2.7.3
-
cpe:2.3:a:fuse_project:fuse:2.7.4
-
cpe:2.3:a:fuse_project:fuse:2.7.5
-
cpe:2.3:a:fuse_project:fuse:2.8.0
-
cpe:2.3:a:fuse_project:fuse:2.8.1
-
cpe:2.3:a:fuse_project:fuse:2.8.2
-
cpe:2.3:a:fuse_project:fuse:2.8.3
-
cpe:2.3:a:fuse_project:fuse:2.8.4
-
cpe:2.3:a:fuse_project:fuse:2.8.5
-
cpe:2.3:a:fuse_project:fuse:2.8.6
-
cpe:2.3:a:fuse_project:fuse:2.8.7
-
cpe:2.3:a:fuse_project:fuse:2.9.0
-
cpe:2.3:a:fuse_project:fuse:2.9.1
-
cpe:2.3:a:fuse_project:fuse:2.9.2
-
cpe:2.3:a:fuse_project:fuse:2.9.3
-
cpe:2.3:a:fuse_project:fuse:2.9.4
-
cpe:2.3:a:fuse_project:fuse:2.9.5
-
cpe:2.3:a:fuse_project:fuse:2.9.6
-
cpe:2.3:a:fuse_project:fuse:2.9.7
-
cpe:2.3:a:fuse_project:fuse:3.0.0
-
cpe:2.3:a:fuse_project:fuse:3.0.1
-
cpe:2.3:a:fuse_project:fuse:3.0.2
-
cpe:2.3:a:fuse_project:fuse:3.1.0
-
cpe:2.3:a:fuse_project:fuse:3.1.1
-
cpe:2.3:a:fuse_project:fuse:3.2.0
-
cpe:2.3:a:fuse_project:fuse:3.2.1
-
cpe:2.3:a:fuse_project:fuse:3.2.2
-
cpe:2.3:a:fuse_project:fuse:3.2.3
-
cpe:2.3:a:fuse_project:fuse:3.2.4
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0