What is CVE-2026-53167?

CVE-2026-53167 is a unscored severity Linux kernel vulnerability. CVE-2026-53167 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-53167?

CVE-2026-53167 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-53167?

No patch is currently available for CVE-2026-53167. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2026-53167 actively exploited?

CVE-2026-53167 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-53167

In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios FUSE_NOTIFY_RETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSE_NOTIFY_RETRIEVE is intended to only return data that is already in the page cache and not wait for data from the FUSE daemon, treat !uptodate folios as if they weren't present. This only has security impact on systems that don't enable automatic zero-initialization of all page allocations via CONFIG_INIT_ON_ALLOC_DEFAULT_ON or init_on_alloc=1.

Package Linux Kernel

Published 2026-06-25

Last modified 2026-06-25

Patch available

Awaiting data

References

3 total

Kernel Git
https://git.kernel.org/stable/c/1fb8735a3a4d894f8c1f90b741a3ab1d3817f9bd
Kernel Git
https://git.kernel.org/stable/c/4e3d1b2c48ca6c55f1e9ca7f8dccc76f120f276c
Kernel Git
https://git.kernel.org/stable/c/56763afa013444a9d84ca1b74e4b7130942177ba