CVE-2026-8936
Awaiting Analysis Awaiting Analysis - Queue
grpcfuse Kernel Module VM Panic via Unbounded Recursion

Publication date: 2026-06-02

Last updated on: 2026-06-04

Assigner: Docker Inc.

Description
Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-02
Last Modified
2026-06-04
Generated
2026-06-24
AI Q&A
2026-06-03
EPSS Evaluated
2026-06-22
NVD
CVE-2026-8936
EUVD
EUVD-2026-34033
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
docker docker_desktop 4.76.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-674 The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a flaw in the grpcfuse kernel module used by Docker Desktop. It causes a virtual machine (VM) panic due to unbounded recursion when a container creates deeply nested directories on a bind-mounted host folder and triggers a dentry invalidation event. Essentially, the system enters an infinite recursive state leading to a crash.

The issue has been addressed and fixed in Docker Desktop version 4.76.0.

Impact Analysis

This vulnerability can cause the Docker Desktop virtual machine to panic and crash when certain conditions are met, specifically when deeply nested directories are created in a container on a bind-mounted host folder. This can lead to service disruption, loss of availability, and potential interruption of containerized applications running on affected systems.

Mitigation Strategies

To mitigate this vulnerability, update Docker Desktop to version 4.76.0 or later where the issue has been fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8936. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart