5.5

CVE-2026-53168

fuse: reject fuse_notify() pagecache ops on directories

In the Linux kernel, the following vulnerability has been resolved:

fuse: reject fuse_notify() pagecache ops on directories

The operations FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE allow the
FUSE daemon to actively write/read pagecache contents.

For directories with FOPEN_CACHE_DIR, the pagecache is used as
kernel-internal cache storage, and userspace is not supposed to have
direct access to this cache - in particular, fuse_parse_cache() will hit
WARN_ON() if the cache contains bogus data.

Reject FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE on anything other than
regular files with -EINVAL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 5.10.259
LinuxLinux Kernel Version >= 5.11 < 5.15.210
LinuxLinux Kernel Version >= 5.16 < 6.1.176
LinuxLinux Kernel Version >= 6.2 < 6.6.143
LinuxLinux Kernel Version >= 6.7 < 6.12.94
LinuxLinux Kernel Version >= 6.13 < 6.18.36
LinuxLinux Kernel Version >= 6.19 < 7.0.13
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
LinuxLinux Kernel Version7.1 Updaterc3
LinuxLinux Kernel Version7.1 Updaterc4
LinuxLinux Kernel Version7.1 Updaterc5
LinuxLinux Kernel Version7.1 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/15487f98863dc7156ed43c5be26d478beb82ba35
Patch
https://git.kernel.org/stable/c/bd23fa0c16c5c86e5b7713224ffbb87d9db81cca
Patch
https://git.kernel.org/stable/c/9dbf1b2fadfc6c40805631d8a8276d1639fc9ab6
Patch
https://git.kernel.org/stable/c/dd92773d4d9cea010474eb08a5133c14ff6ab53a
Patch
https://git.kernel.org/stable/c/99c317d7f8b7bbf3de16d20a01f363e390114cea
Patch
https://git.kernel.org/stable/c/12df4cfa738aefff21756728e91056d7defb0fe6
Patch
https://git.kernel.org/stable/c/e692f0cb86204dcdb9dddc0b355407eda6394a67
Patch
https://git.kernel.org/stable/c/9c954499d43aefac01c5dfb57a82b13d2dcf4b94
Patch