¡¾·ì϶¹«¸æ¡¿Linux Kernel FUSEÒ³»º´æÒç¶Âí½Å(CVE-2026-31694)
°ä²¼¹¦·ò 2026-07-08Ò»¡¢·ì϶¸ÅÊö

Linux KernelÊÇLinux²Ù×÷ϵͳµÄÖ÷Ìâ×é¼þ£¬ÕƹÜÖÎÀíϵͳӲ¼þ×ÊÔ´¡¢¹ý³Ìµ÷¶È¡¢ÄÚ´æÖÎÀí¡¢Îļþϵͳ¡¢ÍøÂçͨѶµÈ¹Ø¼üÖ°ÄÜ¡£FUSE£¨Filesystem in Userspace£©ÊÇLinux KernelÌṩµÄÓû§Ì¬Îļþϵͳ¿ò¼Ü£¬ÔÊÐíÓû§¿Õ¼ä·¨Ê½ÊµÏÖ×Ô½ç˵Îļþϵͳ£¬Í¨¹ý/dev/fuseÓëÄں˽øÐÐͨѶ£¬¿í·ºÓÃÓÚÐé¹¹Îļþϵͳ¡¢ÔÆ´æ´¢¹ÒÔØ¼°Óû§Ì¬´æ´¢·þÎñµÈ³¡¾°¡£
2026Äê7ÔÂ8ÈÕ£¬28Ȧ°²È«Ó¦¼±ÏìÓ¦ÖÐÐÄ£¨VSRC£©¼à²âµ½Linux Kernel FUSEÒ³»º´æÒç¶Âí½Å¡£¸Ã·ì϶´æÔÚÓÚfs/fuse/readdir.cÎļþµÄfuse_add_dirent_to_cache()º¯ÊýÖУ¬ÓÉÓÚÄÚºËδУÑéÓÉFUSEÓû§Ì¬·þÎñÆ÷½ÚÔìµÄĿ¼Ïî´óÓ×£¬µ¼Ö³¬´óĿ¼ÏîÔÚдÈëÒ³»º´æÊ±²úÉúÔ½½çдÈë¡£¹¥»÷Õß¿Éͨ¹ý´´½¨¶ñÒâFUSEÎļþϵͳ²¢·µ»ØÌØÔìĿ¼Ïî´¥·¢·ì϶£¬¸²¸ÇÏàÁÚÄÚºËÒ³»º´æÊý¾Ý£¬½øÒ»²½ÀûÓÃSUID·¨Ê½»º´æÄÚÈÝ´Û¸ÄʵÏÖ±¾µØÈ¨ÏÞÌáÉý£¬×îÖÕ»ñÈ¡rootȨÏÞ¡£
¶þ¡¢Ó°ÏìÁìÓò
4.20 <= Linux Kernel < 6.6.136
6.7 <= Linux Kernel < 6.12.84
6.13 <= Linux Kernel < 6.18.25
6.19 <= Linux Kernel < 7.0.2
Linux Kernel = 7.1-rc1
Linux Kernel = 7.1-rc2
Èý¡¢°²È«´ëÊ©
3.1 Éý¼¶°æ±¾¹Ù·½ÒѰ䲼½¨¸´²¹¶¡£¬ÒÔ½¨¸´¸Ã·ì϶¡£
Linux Kernel >= 6.6.136
Linux Kernel >= 6.12.84
Linux Kernel >= 6.18.25
Linux Kernel >= 7.0.2
Linux Kernel >= 7.1-rc3
ÏÂÔØÁ´½Ó£º
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=51a8de6c50bf947c8f534cd73da4c8f0a13e7bed/
3.2һʱ´ëÊ©
ÔÚÎÞ·¨µ±¼´Éý¼¶Äں˵ÄÇé¿öÏ£¬½¨Ò飺
²»ÈÝͨ³£Óû§¹ÒÔØ FUSE Îļþϵͳ£»
ÏÞ¶È /dev/fuse É豸½Ó¼ûȨÏÞ£»
½ûÓò»ÓÃÒªµÄ FUSE ·þÎñºÍ×é¼þ£»
¶Ô´æÔÚ¸ßȨÏÞÔËÐл·¾³£¨·þÎñÆ÷¡¢ÔÆÖ÷»ú¡¢ÈÝÆ÷ËÞÖ÷»ú£©ÓÅÏÈÆÌÅÅÄÚºËÉý¼¶¡£
3.3 ͨÓý¨Òé
¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬Ï÷¼õϵͳ·ì϶£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£
¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÔ죬Åú¸Ä·À»ðǽսÊõ£¬¹Ø¹Ø·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬Ï÷¼õ¹¥»÷Ãæ¡£
ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£
¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬ÆôÓöà³É·ÖÈÏÖ¤»úÔìºÍ×îÓ×ȨÏÞ×¼Ôò£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏÞ¶È¡£
ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£
3.4 ²Î¿¼Á´½Ó
https://nvd.nist.gov/vuln/detail/CVE-2026-31694/https://bynar.io/blog/discovery-validation-in-the-linux-kernel-part-2-fuse-page-cache-overflow


¾©¹«Íø°²±¸11010802024551ºÅ