Directory Entry Overflow in Linux Kernel FUSE Implementation
CVE-2026-31694

7.8HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
1 May 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-31694?

The Linux kernel's implementation of FUSE is vulnerable to a directory entry overflow due to improper validation of serialized directory entries. Specifically, the function fuse_add_dirent_to_cache() fails to verify whether a directory entry exceeds the maximum allowable size, allowing a malicious FUSE server to craft oversized directory entries. This oversight can lead to memory overflow situations, compromising the integrity of the kernel's memory management. By rejecting oversized directory entries prior to caching them, a more secure approach can effectively mitigate such vulnerabilities, safeguarding system stability and reliability.

Affected Version(s)

Linux 69e34551152a286f827d54dcb5700da6aeaac1fb < 3059f9abe7f1ba8fddf3c86c5faa1eeacf07e7d4

Linux 69e34551152a286f827d54dcb5700da6aeaac1fb < 1d4a517fa90480c52fd452fea2686cd80f773ce2

Linux 69e34551152a286f827d54dcb5700da6aeaac1fb < 038e61812fa52ef62bad2cfc96bf37dc0db47c1e

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-31694-POC
Created by 0xCyberstan

References

https://git.kernel.org/stable/c/3059f9abe7f1ba8fddf3c86c5...
https://git.kernel.org/stable/c/1d4a517fa90480c52fd452fea...
https://git.kernel.org/stable/c/038e61812fa52ef62bad2cfc9...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.