A flaw was found in util-linux's libmount. Improper uid check allows an unprivileged user to unmount FUSE filesystems of users with similar uid.
RHEL 6, 7 and 8 are not affected by this bug as they ship an older version of util-linux which does not allow unprivileged users to unmount FUSE mount points for the current user (e.g. is_fuse_usermount() function does not exist).
Created util-linux tracking bugs for this issue:
Affects: fedora-all [bug 2044306]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):