Gentoo Logo

FUSE: mtab corruption through fusermount


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200511-17 / FUSE
Release Date November 22, 2005
Latest Revision November 22, 2005: 01
Impact normal
Exploitable local
Package Vulnerable versions Unaffected versions Architecture(s)
sys-fs/fuse < 2.4.1-r1 >= 2.4.1-r1 All supported architectures

Related bugreports: #112902


The fusermount utility from FUSE can be abused to corrupt the /etc/mtab file contents, potentially allowing a local attacker to set unauthorized mount options.

2.  Impact Information


FUSE (Filesystem in Userspace) allows implementation of a fully functional filesystem in a userspace program. The fusermount utility is used to mount/unmount FUSE file systems.


Thomas Biege discovered that fusermount fails to securely handle special characters specified in mount points.


A local attacker could corrupt the contents of the /etc/mtab file by mounting over a maliciously-named directory using fusermount, potentially allowing the attacker to set unauthorized mount options. This is possible only if fusermount is installed setuid root, which is the default in Gentoo.

3.  Resolution Information


There is no known workaround at this time.


All FUSE users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-fs/fuse-2.4.1-r1"

4.  References


Page updated November 22, 2005

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.