Search for vulnerabilities
Vulnerability details: VCID-a8gu-kbtv-aaak
Vulnerability ID VCID-a8gu-kbtv-aaak
Aliases CVE-2021-3995
Summary A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-552 Files or Directories Accessible to External Parties
System Score Found at
cvssv3 4.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3995.json
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00152 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00201 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00219 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00233 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00233 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
epss 0.00233 https://api.first.org/data/v1/epss?cve=CVE-2021-3995
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=2024631
cvssv3.1 4.7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3995
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3995
Reference id Reference type URL
http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3995.json
https://api.first.org/data/v1/epss?cve=CVE-2021-3995
https://bugzilla.redhat.com/show_bug.cgi?id=2024631https://access.redhat.com/security/cve/CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
http://seclists.org/fulldisclosure/2022/Dec/4
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/util-linux/util-linux/commit/57202f5713afa2af20ffbb6ab5331481d0396f8d
https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
https://security.netapp.com/advisory/ntap-20221209-0002/
https://www.openwall.com/lists/oss-security/2022/01/24/2
http://www.openwall.com/lists/oss-security/2022/11/30/2
2024631 https://bugzilla.redhat.com/show_bug.cgi?id=2024631
cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
CVE-2021-3995 https://nvd.nist.gov/vuln/detail/CVE-2021-3995
GLSA-202401-08 https://security.gentoo.org/glsa/202401-08
USN-5279-1 https://usn.ubuntu.com/5279-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3995.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3995
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3995
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.05128
EPSS Score 0.00042
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.