Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 22: 2015-8756 Critical: Fuse Privilege Escalation Fix

fedora
Calendar Grey June 7, 2015
Dist Fedora Esm H88
The Fedora 22 update addresses a vulnerability in fuse by upgrading it to version 2.9.4, thereby mitigating the risk of privilege escalation.
Update to 2.9.4, which fixes CVE-2015-3202.

Summary

With FUSE it is possible to implement a fully functional filesystem in a

userspace program. This package contains the FUSE userspace tools to

mount a FUSE filesystem.

Update Information:

Update to 2.9.4, which fixes CVE-2015-3202.

Topics%20covered

Topics Covered

security advisory fedora update critical privilege escalation file system fuse

Change Log

* Fri May 22 2015 Tom Callaway 2.9.4-1 - update to 2.9.4 - fixes CVE-2015-3202

References


[ 1 ] Bug #1224103 - CVE-2015-3202 fuse: incorrect filtering of environment variables leading to privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1224103

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update fuse' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: fuse
Product: Fedora 22
Version: 2.9.4
Release: 1.fc22
URL: https://github.com/libfuse/libfuse
Summary: File System in Userspace (FUSE) utilities

Topics%20covered

Topics Covered

security advisory fedora update critical privilege escalation file system fuse

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here