EUVD-2026-39846

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

CVE-2026-53311

The CVE-2026-53311 entry concerns the Linux kernel fuse module. It describes a bug in fuse_dentry_revalidate() where a dentry could be passed without initialized ->d_time, discovered via KMSAN traces involving lookup_open(), __d_alloc(), d_revalidate(), and related path_openat/open_last_lookup...