In the reference implementation of FUSE before 2.9.8 and 3.x before 3.2.5, local attackers were able to specify the allow_other option even if forbidden in /etc/fuse.conf, leading to exposure of FUSE filesystems to other users. This issue only affects systems with SELinux active. CREATE(Triage):(User=admin) CVE-2021-33805 (https://nvd.nist.gov/vuln/detail/CVE-2021-33805)