Red Hat Bugzilla – Bug 1301011
CVE-2016-1233 fuse: udev rule creates world-writeable /dev/cuse
Last modified: 2016-01-25 05:05:30 EST
It was found that the fuse package in Debian ships a udev rule adjusting permissions on the related /dev/cuse character device, making it world-writable. This permits a local, unprivileged attacker to create an arbitrarily-named character device in /dev and modify the memory of any process that opens it and performs an ioctl on it. This in turn might allow a local, unprivileged attacker to escalate to root privileges.
Created fuse tracking bugs for this issue:
Affects: fedora-all [bug 1301012]
Created attachment 1117895
There's no similar udev rule for the /dev/cuse device in the Red Hat Enterprise Linux and Fedora fuse packages.
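A defender's check for the condition described in this bug, as an added example that is not part of the bug report or of any distribution's packaging: the shell functions below flag udev rules that match `KERNEL=="cuse"` and assign a world-writable `MODE`, and test whether a device node is world-writable. The function names, the `--audit` switch and the list of rule directories are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the bug report): audit for a world-writable /dev/cuse.

# Succeeds if the given path exists and grants write permission to "other".
# Uses POSIX find so it does not depend on GNU stat.
node_world_writable() {
    [ -n "$(find "$1" -prune -perm -0002 2>/dev/null)" ]
}

# Prints file:line:mode for every rule that matches KERNEL=="cuse" and
# assigns a world-writable MODE. Succeeds if at least one was found.
# Only exact KERNEL=="cuse" matches on a single line are considered.
scan_cuse_rules() {
    hits=$(for dir in "$@"; do
        for f in "$dir"/*.rules; do
            [ -f "$f" ] || continue
            awk '
                /^[ \t]*#/ { next }                      # skip comment lines
                /KERNEL=="cuse"/ && match($0, /MODE:?="[0-7]+"/) {
                    m = substr($0, RSTART, RLENGTH)
                    gsub(/[^0-7]/, "", m)                # keep only the digits
                    if (m ~ /[2367]$/) print FILENAME ":" FNR ":" m
                }' "$f"
        done
    done)
    [ -n "$hits" ] && printf '%s\n' "$hits"
}

# Stand-alone use: check the usual rule directories and the live node.
if [ "${1:-}" = "--audit" ]; then
    scan_cuse_rules /etc/udev/rules.d /lib/udev/rules.d /usr/lib/udev/rules.d \
        || echo "no rule assigns a world-writable mode to cuse"
    if node_world_writable /dev/cuse; then
        echo "/dev/cuse is world-writable"
    fi
fi
```

Run it with `--audit` on the host under review; a hit from either check means the system is in the state this bug describes.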