UBUNTU-CVE-2026-33179

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2026-33179

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-33179.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2026-33179

Upstream

CVE-2026-33179

Published

2026-03-20T21:17:00Z

Modified

2026-04-27T20:05:22.258405Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a NULL pointer dereference and memory leak in fuseuringinitqueue allows a local user to crash the FUSE daemon or cause resource exhaustion. When numaalloclocal fails during iouring queue entry setup, the code proceeds with NULL pointers. When fuseuringregisterqueue fails, NUMA allocations are leaked and the function incorrectly returns success. Only the iouring transport is affected; the traditional /dev/fuse path is not affected. PoC confirmed with AddressSanitizer/LeakSanitizer. This issue has been patched in version 3.18.2.

References

Affected packages

Ubuntu:26.04 / fuse3

Package

Name: fuse3
Purl: pkg:deb/ubuntu/fuse3@3.18.2-1?arch=source&distro=resolute

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.17.4-1

3.18.1-1

3.18.2-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "3.18.2-1",
            "binary_name": "fuse"
        },
        {
            "binary_version": "3.18.2-1",
            "binary_name": "fuse3"
        },
        {
            "binary_version": "3.18.2-1",
            "binary_name": "libfuse3-4"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-33179.json"