* [ANNOUNCE] util-linux stable realase v2.37.3
@ 2022-01-24 11:13 Karel Zak
0 siblings, 0 replies; only message in thread
From: Karel Zak @ 2022-01-24 11:13 UTC (permalink / raw)
To: linux-kernel, linux-fsdevel, util-linux
The util-linux release v2.37.3 is available at
http://www.kernel.org/pub/linux/utils/util-linux/v2.37/
Feedback and bug reports, as always, are welcomed.
Karel
util-linux 2.37.3 Release Notes
===============================
This release fixes two security mount(8) and umount(8) issues:
CVE-2021-3996
Improper UID check in libmount allows an unprivileged user to unmount FUSE
filesystems of users with similar UID.
CVE-2021-3995
This issue is related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
--
Karel Zak <kzak@redhat.com>
http://karelzak.blogspot.com
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-01-24 11:13 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-24 11:13 [ANNOUNCE] util-linux stable realase v2.37.3 Karel Zak
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.