[security-announce] Fuse: Security update

Tudor Florea tudor.florea at enea.com
Fri Jul 17 00:15:02 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Fuse: Security update
=========================================================
Product/package: Enea-Linux-5.0-beta-m400 / fuse 2.9.3
CVE Name: CVE-2015-3202
=========================================================
This security update fixes CVE-2015-3202:
fuse local privilege escalation

CVE-2015-1793 Alternative chains certificate forgery

Signed patch and README files
================================
0021-fuse-CVE-2015-3202.patch
0021-fuse-CVE-2015-3202.patch.sig
0021-fuse-CVE-2015-3202.README.asc

Descriptions
============

fusermount in FUSE before 2.9.3-15 does not properly clear the environment
before invoking (1) mount or (2) umount as root, which allows local users 
to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable
that is used by mount's debugging feature.

Severity: High

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3202
http://www.openwall.com/lists/oss-security/2015/05/21/9
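
Added example (not part of this advisory or of the FUSE patch): a small C program showing why a privileged wrapper has to give its helper an explicit environment instead of passing the caller's through. Assumptions: /bin/sh stands in for the mount/umount helper, helper_sees_mtab() is a hypothetical name, and the variable's value is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Stand-in for the helper a privileged wrapper runs (mount/umount in the
 * advisory). Assumption: /bin/sh exists. The probe exits 0 if the variable
 * reached the helper and 1 if it did not. */
static char probe[] = "test -n \"$LIBMOUNT_MTAB\"";

/* Returns 1 if the helper saw LIBMOUNT_MTAB, 0 if not, -1 on error. */
int helper_sees_mtab(int scrub)
{
    char *const argv[] = { "sh", "-c", probe, NULL };
    char *const empty_env[] = { NULL };   /* nothing inherited */
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* scrub=0: the caller-controlled environ is passed through (the flaw).
         * scrub=1: the helper starts with an empty environment (the hardening). */
        execve("/bin/sh", argv, scrub ? empty_env : environ);
        _exit(127);                       /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    if (WEXITSTATUS(status) > 1)
        return -1;
    return WEXITSTATUS(status) == 0;
}

int main(void)
{
    /* Constructed value: what an unprivileged caller could set beforehand. */
    setenv("LIBMOUNT_MTAB", "/tmp/constructed-example", 1);
    printf("inherited environ: helper sees variable = %d\n", helper_sees_mtab(0));
    printf("empty environ:     helper sees variable = %d\n", helper_sees_mtab(1));
    return 0;
}
```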

How to apply the patches
=======================
 - Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing patches in the right order.

wget https://linux.enea.com/5.0-beta-m400/Enea-Linux-5.0-beta-m400.tar.gz
tar zxf Enea-Linux-5.0-beta-m400.tar.gz
cd Enea-Linux-5.0-beta-m400/poky/meta-openembedded/
<Fetch and apply the existing patches >

 - Fetch, verify and apply the new patch
wget https://linux.enea.com/5.0-beta-m400/patches/\
0021-fuse-CVE-2015-3202.patch
wget https://linux.enea.com/5.0-beta-m400/patches/\
0021-fuse-CVE-2015-3202.patch.sig
# Verify the detached signature against the patch before applying it
gpg --verify 0021-fuse-CVE-2015-3202.patch.sig 0021-fuse-CVE-2015-3202.patch
patch -p1 < ./0021-fuse-CVE-2015-3202.patch

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

-----END PGP SIGNATURE-----


