The FUSE (Filesystem in Userspace) project, a staple of the Linux ecosystem that allows non-privileged users to create their own file systems, is facing a dual threat. Researchers have identified two significant security flaws, CVE-2026-33179 and CVE-2026-33150, residing in the io_uring subsystem of libfuse.
These vulnerabilities primarily affect the modern io_uring transport layer, leaving the traditional /dev/fuse path untouched. However, for high-performance applications that have adopted the newer transport, the risks range from simple system crashes to potential arbitrary code execution.
The first flaw, tracked as CVE-2026-33179 (CVSS 5.5), is a classic case of improper error handling during memory allocation. In versions 3.18.0 through 3.19.0-rc0, the initialization of the io_uring queue fails to verify that the memory it requested was actually granted by the system. Specifically, the function numa_alloc_local is called to set up request headers and payloads. If the system is under memory pressure and this allocation fails, the code blindly proceeds with NULL pointers.
This leads to a two-fold impact:
- Denial of Service: A local user can trigger a crash of the FUSE daemon.
- Resource Exhaustion: Due to a logic error where the function incorrectly returns “success” even after a failure, allocated memory is never freed, leading to a persistent memory leak.
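The two allocation-handling defects described above (no check of the allocation result, and "success" returned regardless) are easiest to see side by side. The following C block is an added example written for this article, not libfuse's own code: `ring_queue`, `queue_init_unchecked`, `queue_init_checked` and the injectable `queue_alloc` allocator are hypothetical names, and `calloc` stands in for `numa_alloc_local` so the block runs without libnuma. The injectable allocator lets the failure path be exercised deterministically offline.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical queue holding the two buffers the article mentions
 * (request headers and payloads). Layout is invented for illustration. */
struct ring_queue {
    void  *headers;
    void  *payloads;
    size_t nentries;
};

/* Failure injection: the allocation with index >= fail_after_n_allocs
 * returns NULL; -1 disables injection. Stands in for numa_alloc_local. */
static int fail_after_n_allocs = -1;
static int alloc_count = 0;

void set_alloc_failure(int after_n)
{
    fail_after_n_allocs = after_n;
    alloc_count = 0;
}

static void *queue_alloc(size_t n)
{
    if (fail_after_n_allocs >= 0 && alloc_count++ >= fail_after_n_allocs)
        return NULL;
    return calloc(1, n);
}

/* VULNERABLE PATTERN: neither allocation result is checked and 0 ("success")
 * is returned unconditionally. The caller goes on to use NULL buffers, and
 * whatever was allocated before the failure is never released. */
int queue_init_unchecked(struct ring_queue *q, size_t nentries,
                         size_t hdr_sz, size_t payload_sz)
{
    q->nentries = nentries;
    q->headers  = queue_alloc(nentries * hdr_sz);
    q->payloads = queue_alloc(nentries * payload_sz);
    return 0;
}

/* HARDENED PATTERN: every allocation is checked, partial work is undone,
 * and a real error code lets the caller abort setup instead of continuing. */
int queue_init_checked(struct ring_queue *q, size_t nentries,
                       size_t hdr_sz, size_t payload_sz)
{
    memset(q, 0, sizeof *q);
    q->headers = queue_alloc(nentries * hdr_sz);
    if (q->headers == NULL)
        return -ENOMEM;
    q->payloads = queue_alloc(nentries * payload_sz);
    if (q->payloads == NULL) {
        free(q->headers);      /* release the half-built queue: no leak */
        q->headers = NULL;
        return -ENOMEM;
    }
    q->nentries = nentries;
    return 0;
}

void queue_destroy(struct ring_queue *q)
{
    free(q->headers);
    free(q->payloads);
    memset(q, 0, sizeof *q);
}

int main(void)
{
    struct ring_queue q;
    set_alloc_failure(1);      /* second allocation fails */
    printf("unchecked init returned %d, payloads=%p\n",
           queue_init_unchecked(&q, 4, 64, 4096), q.payloads);
    free(q.headers);
    set_alloc_failure(1);
    printf("checked init returned %d (expect -ENOMEM = %d)\n",
           queue_init_checked(&q, 4, 64, 4096), -ENOMEM);
    return 0;
}
```

The checked variant is what a reviewer should look for in any queue or ring setup path: a NULL test after each allocation, cleanup of everything allocated so far on the error path, and an error return that propagates to the caller rather than a hard-coded success.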
Carrying a more severe CVSS score of 7.8, CVE-2026-33150 presents a much more dangerous scenario: potential arbitrary code execution.
This vulnerability is triggered when the io_uring subsystem fails to create a new thread, often due to resource limits like a container’s pids.max constraint. In these instances, libfuse frees the memory associated with the “ring pool” but continues to store a dangling pointer in the session state.
The danger lies in the window of time between this initial failure and the final session shutdown, a period that can span hours. During this time:
- An attacker can reallocate that freed 192-byte heap chunk with their own malicious content.
- When the session finally exits, the destructor treats this “poisoned” memory as legitimate struct fields.
- The destructor then calls critical functions such as free(), close(), and pthread_cancel() on values the attacker supplied.
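The ownership mistake behind this second flaw, a pool freed on the thread-start error path while the session keeps pointing at it, and the fix, which only publishes the pointer once every step has succeeded, are shown in the added C example below. It is written for this article and is not libfuse's code: `ring_pool`, `session`, `ring_start_dangling`, `ring_start_owned`, `start_worker` and the field layout are all hypothetical, and thread creation is simulated by an injectable `EAGAIN` (the error pthread_create returns under a pids limit) so the block runs offline without spawning threads.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical per-session ring pool. The fields are chosen to mirror the
 * kinds of values a destructor would free() and close(); layout is invented. */
struct ring_pool {
    int   efd;            /* descriptor the destructor would close() */
    void *entries;        /* heap buffer the destructor would free() */
    int   worker_started;
};

struct session {
    struct ring_pool *pool;   /* must be NULL whenever no pool is live */
};

/* Failure injection standing in for pthread_create() failing with EAGAIN
 * when a container's pids.max limit is reached. */
static int inject_thread_failure = 0;
void set_thread_failure(int on) { inject_thread_failure = on; }

static int start_worker(struct ring_pool *p)
{
    if (inject_thread_failure)
        return EAGAIN;
    p->worker_started = 1;
    return 0;
}

static struct ring_pool *pool_create(size_t nentries)
{
    struct ring_pool *p = calloc(1, sizeof *p);
    if (!p)
        return NULL;
    p->efd = -1;                          /* no real descriptor in this example */
    p->entries = calloc(nentries, 64);
    if (!p->entries) { free(p); return NULL; }
    return p;
}

static void pool_destroy(struct ring_pool *p)
{
    if (!p)
        return;
    if (p->efd >= 0)
        close(p->efd);
    free(p->entries);
    free(p);
}

/* VULNERABLE PATTERN: the pool is stored in the session before the worker
 * exists; on failure it is freed but the session still holds the pointer,
 * so a later session_destroy() reads and frees already-freed memory. */
int ring_start_dangling(struct session *se, size_t nentries)
{
    se->pool = pool_create(nentries);
    if (!se->pool)
        return -ENOMEM;
    int err = start_worker(se->pool);
    if (err) {
        pool_destroy(se->pool);   /* freed here ...                       */
        return -err;              /* ... but se->pool still points at it  */
    }
    return 0;
}

/* HARDENED PATTERN: the pool lives in a local until every step succeeds,
 * so the error path frees memory the session never referenced. Clearing
 * se->pool = NULL right after the free would be an equivalent fix. */
int ring_start_owned(struct session *se, size_t nentries)
{
    struct ring_pool *p = pool_create(nentries);
    if (!p)
        return -ENOMEM;
    int err = start_worker(p);
    if (err) {
        pool_destroy(p);
        return -err;
    }
    se->pool = p;                 /* publish only a fully initialised pool */
    return 0;
}

/* Destructor: correct for a live pool and a no-op for NULL. */
int session_destroy(struct session *se)
{
    pool_destroy(se->pool);
    se->pool = NULL;
    return 0;
}

int main(void)
{
    struct session se = {0};
    set_thread_failure(1);
    printf("owned start: %d, pool=%p (safe to destroy)\n",
           ring_start_owned(&se, 8), (void *)se.pool);
    session_destroy(&se);
    return 0;
}
```

The invariant to check in review is that every pointer a destructor will later dereference is either NULL or owned: any error path that frees a resource must also drop the session's reference to it in the same step.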
“Kubernetes CSI drivers that use libfuse are especially exposed because cgroup pids.max—the natural trigger for this vulnerability—is a standard pod constraint.”
Both vulnerabilities target the same version range and require the io_uring transport to be explicitly enabled.
Developers are urged to update to libfuse version 3.18.2, which addresses both flaws. Given that FUSE daemons often run with root privileges to handle system-wide mounts, applying this update is a critical priority for system administrators.