February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Lazarus APT Group – Active IOCs
January 25, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
January 25, 2022Rewterz Threat Alert – Lazarus APT Group – Active IOCs
January 25, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
January 25, 2022
Severity
High
Analysis Summary
CVE-2021-3996
util-linux could allow a local authenticated attacker to bypass security restrictions, caused by a flaw when parsing /proc/self/mountinfo in libmount. By sending a specially-crafted request, an attacker could exploit this vulnerability to unmount other users’ filesystems that are either world-writable or mounted in a world-writable directory.
CVE-2021-3995
util-linux could allow a local authenticated attacker to bypass security restrictions, caused by a improper user uid comparison by the is_fuse_usermount function in libmount. By sending a specially-crafted request, an attacker could exploit this vulnerability to unmount the FUSE filesystems that belong to certain other users.
Impact
- Security Bypass
Affected Vendors
- Linux
Affected Products
- util-linux util-linux 2.36.2
Remediation
Upgrade to the latest version of util-linux, available from the util-linux GIT Repository.