{"id":"USN-5279-1","summary":"util-linux vulnerabilities","details":"It was discovered that util-linux incorrectly handled unmounting FUSE\nfilesystems. A local attacker could possibly use this issue to unmount\nFUSE filesystems belonging to other users.\n","modified":"2026-02-10T04:42:28Z","published":"2022-02-09T13:26:34Z","related":["UBUNTU-CVE-2021-3995","UBUNTU-CVE-2021-3996"],"upstream":["CVE-2021-3995","CVE-2021-3996","UBUNTU-CVE-2021-3995","UBUNTU-CVE-2021-3996"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5279-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3995"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3996"}],"affected":[{"package":{"name":"util-linux","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/util-linux@2.34-0.1ubuntu9.3?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.34-0.1ubuntu9.3"}]}],"versions":["2.34-0.1ubuntu2","2.34-0.1ubuntu4","2.34-0.1ubuntu5","2.34-0.1ubuntu6","2.34-0.1ubuntu7","2.34-0.1ubuntu8","2.34-0.1ubuntu9","2.34-0.1ubuntu9.1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.34-0.1ubuntu9.3","binary_name":"bsdutils"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"fdisk"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libblkid-dev"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libblkid1"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libfdisk-dev"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libfdisk1"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libmount-dev"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libmount1"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libsmartcols-dev"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libsmartcols1"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"libuuid1"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"mount"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"rfkill"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"util-linux"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"util-linux-locales"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"uuid-dev"},{"binary_version":"2.34-0.1ubuntu9.3","binary_name":"uuid-runtime"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5279-1.json","cves_map":{"cves":[{"id":"CVE-2021-3995","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-3996","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:20.04:LTS"}}}],"schema_version":"1.7.3"}