[3.9] fuse: bypass of the "user_allow_other" restriction when SELinux is active (CVE-2018-10906) (#9151) · Issues · alpine / aports

[3.9] fuse: bypass of the "user_allow_other" restriction when SELinux is active (CVE-2018-10906)

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is
vulnerable to a restriction bypass when SELinux is active. This allows
non-root users to mount a FUSE file system with the ‘allow_other’ mount
option regardless of whether ‘user_allow_other’ is set in the fuse
configuration. An attacker may use this flaw to mount a FUSE file system,
accessible by other users, and trick them into accessing files on that file
system, possibly causing Denial of Service or other unspecified effects.

References:

http://openwall.com/lists/oss-security/2018/07/24/1
https://nvd.nist.gov/vuln/detail/CVE-2018-10906

Patches:

https://github.com/libfuse/libfuse/commit/28bdae3d113ef479c1660a581ef720cdc33bf466
https://github.com/libfuse/libfuse/commit/5018a0c016495155ee598b7e0167b43d5d902414

(from redmine: issue id 9151, created on 2018-07-30, closed on 2018-07-31)

Relations:
- copied_to #9150 (closed)
- parent #9150 (closed)
Changesets:
- Revision cab094ae by Natanael Copa on 2018-07-30T16:03:32Z:

main/fuse: security upgrade to 2.9.8 (CVE-2018-10906)

fixes #9151

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information