[USN-892-1] FUSE vulnerability

By | 2010/01/28

The following security announcement applies to fuse-utils. If you have fuse-utils installed, please see below for details on the vulnerability and instructions on patching your system:

Ronald Volgers discovered that FUSE did not correctly check mount
locations.  A local attacker, with access to use FUSE, could unmount
arbitrary locations, leading to a denial of service.

The above security vulnerabilities apply to the following Ubuntu releases:

  • Ubuntu 6.06 LTS
  • Ubuntu 8.04 LTS
  • Ubuntu 8.10
  • Ubuntu 9.04
  • Ubuntu 9.10

If you are have this utility installed on your Ubuntu system you’ll need to apply the security update to be protected. Please follow the steps below to ensure your system is properly patched:

Apply Updates

To apply the updates run the following command(s) within your Terminal:

sudo aptitude update
sudo aptitude safe-upgrade

In general, a standard system upgrade is sufficient to effect the necessary changes.