CVE Catalog

CVE-2026-53168

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

A vulnerability was found in the Linux kernel's FUSE filesystem, allowing the FUSE daemon to perform pagecache write/read operations on directories. The FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE operations were accepted for directories, potentially triggering WARN_ON() in fuse_parse_cache() when bogus data is present in the cache. The fix rejects these operations for anything other than regular files with -EINVAL.

Risk Assessment

The risk involves potential system destabilization by the FUSE daemon, which can inject invalid data into the kernel's internal directory cache, causing WARN_ON() warnings and potentially leading to system crashes or unpredictable behavior.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit 5a8c9f3e4b2a). Also monitor whether the FUSE daemon attempts to exploit this vulnerability on unpatched systems.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fuse_notify() pagecache ops on directories The operations FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPEN_CACHE_DIR, the pagecache is used as kernel-internal cache storage, and userspace is not supposed to have direct access to this cache - in particular, fuse_parse_cache() will hit WARN_ON() if the cache contains bogus data. Reject FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE on anything other than regular files with -EINVAL.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS