PT-2026-42400 · Fusefs · Fusefs

Joshua Rogers

·

Published

2026-05-21

·

Updated

2026-05-21

·

CVE-2026-45252

CVSS v3.1

5.5

Medium

VectorAV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
Name of the Vulnerable Software and Affected Versions fusefs (affected versions not specified)
Description When a fusefs file system implements extended attributes, the kernel may send a FUSE LISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel module uses the strlen() function on this buffer without verifying that the list is NUL-terminated. A malicious daemon can send a non-NUL-terminated list, causing the kernel module to read beyond the end of one heap-allocated buffer and potentially write beyond the end of a second buffer. This can lead to the disclosure of up to 253 bytes of kernel heap memory or the injection of up to 250 attacker-controlled bytes into unallocated kernel heap space.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45252

Affected Products

Fusefs