Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 17 results


CVE-2022-40320

Medium priority
Needs evaluation

cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read.

1 affected packages

libconfuse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libconfuse Needs evaluation Needs evaluation Not in release Not in release Ignored
Show less packages

CVE-2022-29973

Medium priority
Needs evaluation

relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in the filesystem) in certain situations involving offsets beyond ValidDataLength.

1 affected packages

fuse-exfat

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fuse-exfat Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2018-19760

Medium priority
Ignored

cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak.

1 affected packages

confuse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
confuse Ignored Ignored
Show less packages

CVE-2018-10906

Low priority

Some fixes available 1 of 8

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of...

2 affected packages

fuse, fuse3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fuse Not affected Not affected Not affected Vulnerable Fixed
fuse3 Not affected Not affected Not affected Not in release Not in release
Show less packages

CVE-2018-14447

Medium priority
Fixed

trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read.

1 affected packages

confuse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
confuse Fixed Fixed
Show less packages

CVE-2015-8837

Medium priority

Some fixes available 2 of 3

Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file.

1 affected packages

fuseiso

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fuseiso Not affected
Show less packages

CVE-2015-8836

Medium priority

Some fixes available 2 of 3

Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size...

1 affected packages

fuseiso

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fuseiso Not affected
Show less packages

CVE-2016-1233

Medium priority
Not affected

An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character device, which allows local...

1 affected packages

fuse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fuse
Show less packages

CVE-2015-3202

High priority
Fixed

fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that...

2 affected packages

fuse, ntfs-3g

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fuse
ntfs-3g
Show less packages

CVE-2011-0543

Medium priority

Some fixes available 4 of 5

Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a...

1 affected packages

fuse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fuse
Show less packages