{"api_version":"1","generated_at":"2026-06-25T17:30:04+00:00","cve":"CVE-2026-53167","urls":{"html":"https://cve.report/CVE-2026-53167","api":"https://cve.report/api/cve/CVE-2026-53167.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-53167","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-53167"},"summary":{"title":"fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios\n\nFUSE_NOTIFY_RETRIEVE must be limited to uptodate folios; !uptodate folios\ncan contain uninitialized data.\nSince FUSE_NOTIFY_RETRIEVE is intended to only return data that is already\nin the page cache and not wait for data from the FUSE daemon, treat\n!uptodate folios as if they weren't present.\n\nThis only has security impact on systems that don't enable automatic\nzero-initialization of all page allocations via\nCONFIG_INIT_ON_ALLOC_DEFAULT_ON or init_on_alloc=1.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-06-25 09:16:34","updated_at":"2026-06-25 09:16:34"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/1fb8735a3a4d894f8c1f90b741a3ab1d3817f9bd","name":"https://git.kernel.org/stable/c/1fb8735a3a4d894f8c1f90b741a3ab1d3817f9bd","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/4e3d1b2c48ca6c55f1e9ca7f8dccc76f120f276c","name":"https://git.kernel.org/stable/c/4e3d1b2c48ca6c55f1e9ca7f8dccc76f120f276c","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/56763afa013444a9d84ca1b74e4b7130942177ba","name":"https://git.kernel.org/stable/c/56763afa013444a9d84ca1b74e4b7130942177ba","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-53167","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-53167","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 2d45ba381a74a743eeaa2b06c7c5c0d2bf73ba1a 56763afa013444a9d84ca1b74e4b7130942177ba git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 2d45ba381a74a743eeaa2b06c7c5c0d2bf73ba1a 1fb8735a3a4d894f8c1f90b741a3ab1d3817f9bd git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 2d45ba381a74a743eeaa2b06c7c5c0d2bf73ba1a 4e3d1b2c48ca6c55f1e9ca7f8dccc76f120f276c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 2.6.36","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 2.6.36 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.36 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0.13 7.0.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.1 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["fs/fuse/dev.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"56763afa013444a9d84ca1b74e4b7130942177ba","status":"affected","version":"2d45ba381a74a743eeaa2b06c7c5c0d2bf73ba1a","versionType":"git"},{"lessThan":"1fb8735a3a4d894f8c1f90b741a3ab1d3817f9bd","status":"affected","version":"2d45ba381a74a743eeaa2b06c7c5c0d2bf73ba1a","versionType":"git"},{"lessThan":"4e3d1b2c48ca6c55f1e9ca7f8dccc76f120f276c","status":"affected","version":"2d45ba381a74a743eeaa2b06c7c5c0d2bf73ba1a","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["fs/fuse/dev.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"2.6.36"},{"lessThan":"2.6.36","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.36","versionType":"semver"},{"lessThanOrEqual":"7.0.*","status":"unaffected","version":"7.0.13","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.1","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.36","versionStartIncluding":"2.6.36","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0.13","versionStartIncluding":"2.6.36","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1","versionStartIncluding":"2.6.36","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios\n\nFUSE_NOTIFY_RETRIEVE must be limited to uptodate folios; !uptodate folios\ncan contain uninitialized data.\nSince FUSE_NOTIFY_RETRIEVE is intended to only return data that is already\nin the page cache and not wait for data from the FUSE daemon, treat\n!uptodate folios as if they weren't present.\n\nThis only has security impact on systems that don't enable automatic\nzero-initialization of all page allocations via\nCONFIG_INIT_ON_ALLOC_DEFAULT_ON or init_on_alloc=1."}],"providerMetadata":{"dateUpdated":"2026-06-25T08:38:46.751Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/56763afa013444a9d84ca1b74e4b7130942177ba"},{"url":"https://git.kernel.org/stable/c/1fb8735a3a4d894f8c1f90b741a3ab1d3817f9bd"},{"url":"https://git.kernel.org/stable/c/4e3d1b2c48ca6c55f1e9ca7f8dccc76f120f276c"}],"title":"fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-53167","datePublished":"2026-06-25T08:38:46.751Z","dateReserved":"2026-06-09T07:44:35.389Z","dateUpdated":"2026-06-25T08:38:46.751Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-25 09:16:34","lastModifiedDate":"2026-06-25 09:16:34","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"53167","Ordinal":"1","Title":"fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios","CVE":"CVE-2026-53167","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"53167","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios\n\nFUSE_NOTIFY_RETRIEVE must be limited to uptodate folios; !uptodate folios\ncan contain uninitialized data.\nSince FUSE_NOTIFY_RETRIEVE is intended to only return data that is already\nin the page cache and not wait for data from the FUSE daemon, treat\n!uptodate folios as if they weren't present.\n\nThis only has security impact on systems that don't enable automatic\nzero-initialization of all page allocations via\nCONFIG_INIT_ON_ALLOC_DEFAULT_ON or init_on_alloc=1.","Type":"Description","Title":"fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios"}]}}}