It was found that fuse package in Debian ships an udev rules adjusting permissions on the related /dev/cuse character device, making it world writable. This permits a local, unprivileged attacker to create an arbitrarily-named character device in /dev and modify the memory of any process that opens it and performs an ioctl on it. This in turn might allow a local, unprivileged attacker to escalate to root privileges. Public via: http://seclists.org/bugtraq/2016/Jan/106 https://www.debian.org/security/2016/dsa-3451
Created fuse tracking bugs for this issue: Affects: fedora-all [bug 1301012]
Created attachment 1117895 [details] Debian fix Source: https://release.debian.org/proposed-updates/stable_diffs/fuse_2.9.3-15+deb8u2.debdiff
There's no similar udev rule for /dev/cuse device in Red Hat Enterprise Linux and Fedora fuse packages.