CVE-2026-31713
Received Received - Intake
FUSE Fatal Signal Abort During Sync Init

Publication date: 2026-05-01

Last updated on: 2026-05-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason (error, crash) while processing FUSE_INIT, the filesystem creation will hang. The reason is that while all other threads will exit, the mounting thread (or process) will keep the device fd open, which will prevent an abort from happening. This is a regression from the async mount case, where the mount was done first, and the FUSE_INIT processing afterwards, in which case there's no such recursive syscall keeping the fd open.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-31713
EUVD
EUVD-2026-26522
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.1
linux linux_kernel From 6.19 (inc) to 7.0.2 (exc)
linux linux_kernel From 6.18 (inc) to 6.18.25 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's FUSE (Filesystem in Userspace) implementation. Specifically, when the sync init method is used and the server exits unexpectedly (due to an error or crash) while processing the FUSE_INIT request, the creation of the filesystem hangs. This happens because although other threads exit, the mounting thread or process keeps the device file descriptor (fd) open, preventing the abort process from completing.

This issue is a regression compared to the async mount case, where the mount operation completes before FUSE_INIT processing, avoiding the problem of a recursive syscall keeping the fd open.

Impact Analysis

The vulnerability can cause the filesystem creation process to hang indefinitely when the server crashes or exits during FUSE_INIT processing using sync init. This can lead to system instability or denial of service conditions where the affected filesystem cannot be mounted or used properly.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31713. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart