PT-2026-52950 · Undefined · Undefined

Published

2026-06-26

Updated

2026-06-26

CVE-2026-53311

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

In the Linux kernel, the following vulnerability has been resolved:

fuse: fix uninit-value in fuse dentry revalidate()

fuse dentry revalidate() may be called with a dentry that didn't had ->d time initialised. The issue was found with KMSAN, where lookup open() calls d alloc(), followed by d revalidate(), as shown below:

===================================================== BUG: KMSAN: uninit-value in fuse dentry revalidate+0x150/0x13d0 fs/fuse/dir.c:394 fuse dentry revalidate+0x150/0x13d0 fs/fuse/dir.c:394 d revalidate fs/namei.c:1030 [inline] lookup open fs/namei.c:4405 [inline] open last lookups fs/namei.c:4583 [inline] path openat+0x1614/0x64c0 fs/namei.c:4827 do file open+0x2aa/0x680 fs/namei.c:4859 [...]

Uninit was created at: slab post alloc hook mm/slub.c:4466 [inline] slab alloc node mm/slub.c:4788 [inline] kmem cache alloc lru noprof+0x382/0x1280 mm/slub.c:4807 d alloc+0x55/0xa00 fs/dcache.c:1740 d alloc parallel+0x99/0x2740 fs/dcache.c:2604 lookup open fs/namei.c:4398 [inline] open last lookups fs/namei.c:4583 [inline] path openat+0x135f/0x64c0 fs/namei.c:4827 do file open+0x2aa/0x680 fs/namei.c:4859 [...]

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-53311

Affected Products

Undefined

PT-2026-52950 · Undefined · Undefined

CVE-2026-53311

Related Identifiers

Affected Products

References · 4