CVE-2026-53341 Overview
CVE-2026-53341 is a use-after-free (UAF) vulnerability in the Linux kernel's file handle decoding path. The flaw resides in may_decode_fh(), which reads mount::mnt_ns without holding any locks. A concurrent unmount can free the associated mnt_namespace after an RCU grace period, leaving the reader dereferencing freed memory.
Critical Impact
The race can leak a small amount of kernel state to userspace (via the capability level check that consumes the freed pointer), send the calling thread into an endless loop, or crash the kernel by dereferencing an invalid address; upstream describes the security impact as limited. Per the fix's commit message, the bug is reachable only on kernels built with CONFIG_PREEMPTION=y (which includes CONFIG_PREEMPT and CONFIG_PREEMPT_DYNAMIC builds) or with the CONFIG_RCU_STRICT_GRACE_PERIOD debugging option enabled.
Affected Products
- Linux kernel (upstream) prior to the fix commits referenced by the stable tree
- Distributions shipping kernels built with CONFIG_PREEMPTION=y (selected by CONFIG_PREEMPT and CONFIG_PREEMPT_DYNAMIC, so most desktop and many general-purpose distribution kernels)
- Distributions shipping kernels built with CONFIG_RCU_STRICT_GRACE_PERIOD=y
Discovery Timeline
- 2026-07-01 - CVE-2026-53341 published to NVD
- 2026-07-01 - Last updated in NVD database
Technical Details for CVE-2026-53341
Vulnerability Analysis
The vulnerability is a use-after-free triggered by a race between the open_by_handle_at() syscall and a concurrent close() that dissolves a mount created with open_tree(..., OPEN_TREE_CLONE):
- Thread 1: __do_sys_open_by_handle_at → do_handle_open → handle_to_path → may_decode_fh. may_decode_fh() calls is_mounted() and then reads mount::mnt_ns with no lock held and no RCU read-side critical section open.
- Thread 2: __do_sys_close → fput_close_sync → __fput → dissolve_on_fput → umount_tree → namespace_unlock → free_mnt_ns → mnt_ns_tree_remove, which queues mnt_ns_release_rcu via call_rcu().
- Once the RCU grace period elapses, mnt_ns_release() kfree()s the mnt_namespace. Because thread 1 never entered rcu_read_lock(), nothing holds the grace period open on its behalf; if it is preempted between the mnt_ns read and its use (or the strict grace-period option shortens the window), its subsequent mnt_namespace::user_ns dereference, made for the capability check, reads freed memory.
Root Cause
The root cause is a missing synchronization primitive around a lockless pointer read. may_decode_fh() reads mount::mnt_ns outside any lock and outside an RCU read-side critical section. Writers freeing the namespace rely on RCU to defer deallocation, but the reader never entered the RCU read side, so the grace period does not protect it.
Attack Vector
A local unprivileged attacker who can invoke open_by_handle_at() and build mount trees with open_tree(..., OPEN_TREE_CLONE) can race the two code paths. The vulnerable read sits inside the permission check itself (the user_ns lookup that feeds the cap_capable() level check), so the attacker does not need to pass that check to reach it. Successful exploitation requires winning a narrow scheduling window and a kernel built with CONFIG_PREEMPTION or CONFIG_RCU_STRICT_GRACE_PERIOD. According to the upstream commit message, the security impact is limited: worst-case outcomes are a small information leak from the level check in cap_capable(), an endless loop, or a kernel crash from an invalid pointer dereference.
See the upstream fix commit for the corrected locking discipline.
Detection Methods for CVE-2026-53341
Indicators of Compromise
- Unexpected kernel oops or panic messages referencing may_decode_fh, handle_to_path, or mnt_ns_release in dmesg or /var/log/kern.log.
- KASAN reports flagging use-after-free reads inside the fhandle code path on kernels built with sanitizers enabled.
- Repeated crashes correlated with local processes invoking open_by_handle_at() and open_tree() in tight loops.
Detection Strategies
- Enable KASAN on test kernels to surface the UAF deterministically during fuzzing or regression runs.
- Audit local telemetry for unprivileged processes issuing open_by_handle_at with high frequency alongside open_tree and close calls.
- Monitor for kernel taint flags and unexpected reboots on hosts running preemptible kernels.
Monitoring Recommendations
- Collect kernel logs centrally and alert on BUG:, general protection fault, or KASAN strings that reference mnt_namespace or may_decode_fh.
- Track kernel package versions across the fleet to identify hosts still exposed to the pre-patch code.
- Instrument syscall auditing (e.g., auditd rules on open_by_handle_at) on multi-tenant systems where local attackers are in scope.
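The log-scanning rules above can be turned into a small triage script. The following is an added example, not code from the advisory or from the kernel project: a fault header (KASAN, BUG:, general protection fault, Oops) opens a short window of following lines, and the report is counted only if a symbol from the vulnerable path appears inside that window. This avoids alerting on every unrelated BUG: line (soft lockups, other subsystems) while still catching a GPF whose RIP line names handle_to_path. The sample log lines are constructed for the dry run; addresses and task names are made up.

```shell
#!/bin/sh
# Added example, not part of the advisory: triage a kernel log for the CVE-2026-53341
# indicators. A fault header opens a 12-line window; the report counts only if a symbol
# from the vulnerable path shows up within that window.

# scan_kernel_log [FILE]  -- reads FILE or stdin; prints the header line of each relevant
# report; exit 0 if at least one was found, 1 otherwise.
scan_kernel_log() {
    awk '
        /KASAN|BUG:|general protection fault|Oops:/ {
            window = 12; header = $0; reported = 0
        }
        window > 0 && !reported && /may_decode_fh|handle_to_path|do_handle_open|mnt_ns_release|mnt_namespace/ {
            print header; reported = 1; hits++
        }
        window > 0 { window-- }
        END { if (hits > 0) exit 0; exit 1 }
    ' "$@"
}

# count_indicators [FILE] -- number of relevant reports; always exits 0 so it can be
# used in a metrics pipeline.
count_indicators() {
    scan_kernel_log "$@" | wc -l | tr -d ' '
}

# Constructed sample log for a dry run (not real crash output; addresses are made up).
# Line 2 is a KASAN header that names the symbol itself; line 4 is a GPF header whose
# symbol only appears on the following RIP line; line 7 is an unrelated BUG: that must
# not be counted.
sample_log() {
    cat <<'EOF'
[  120.001] systemd[1]: Started Session 3 of user alice.
[  130.202] BUG: KASAN: slab-use-after-free in may_decode_fh+0x1c/0x120
[  130.203] Read of size 8 at addr ffff888012345678 by task racer/4321
[  140.500] general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP
[  140.501] RIP: 0010:handle_to_path+0x4a/0x200
[  150.000] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[  160.000] BUG: soft lockup - CPU#2 stuck for 22s! [kworker/2:1:55]
[  160.001] RIP: 0010:worker_thread+0x10/0x100
EOF
}

# Dry run against the sample. On a host, point it at the real log instead:
#   scan_kernel_log /var/log/kern.log      or      dmesg | scan_kernel_log
sample_log | scan_kernel_log
```

For the syscall-auditing recommendation, a matching auditd rule is `auditctl -a always,exit -F arch=b64 -S open_by_handle_at -S open_tree -k cve_2026_53341`; the key lets `ausearch -k cve_2026_53341` pull the calling PIDs so they can be correlated with the timestamps this scanner reports.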
How to Mitigate CVE-2026-53341
Immediate Actions Required
- Apply the stable kernel updates that include the fhandle: fix UAF due to unlocked ->mnt_ns read in may_decode_fh() patch series.
- Prioritize patching on hosts whose kernels were built with CONFIG_PREEMPTION=y or CONFIG_RCU_STRICT_GRACE_PERIOD=y, since the bug is reachable only in those configurations.
- Reboot systems after installing updated kernel packages so the fix takes effect.
Patch Information
The upstream fix wraps the mount::mnt_ns access in rcu_read_lock(), mirroring the pattern used in __prepend_path(). Writers that can race with lockless readers now use WRITE_ONCE(), and the semantics of mount::mnt_ns are documented in the source. Patches are available in the stable tree: commit 32138633, commit 40ab6644, and commit a8ed2c29.
Workarounds
- Where operationally acceptable, rebuild the kernel without CONFIG_PREEMPTION (i.e. neither CONFIG_PREEMPT nor CONFIG_PREEMPT_DYNAMIC) and without CONFIG_RCU_STRICT_GRACE_PERIOD, since the bug is unreachable outside those configurations. This is a build-time change: the preempt= boot parameter on a CONFIG_PREEMPT_DYNAMIC kernel does not clear CONFIG_PREEMPTION, and CONFIG_RCU_STRICT_GRACE_PERIOD is an RCU debugging option that production kernels should not carry in the first place.
- Restrict local access on multi-tenant systems until the patched kernel is deployed.
- Disable or restrict open_by_handle_at() through seccomp filters for untrusted workloads. Note that Docker's default seccomp profile already blocks open_by_handle_at for containers that lack CAP_DAC_READ_SEARCH; the systemd filter below covers services that run outside such a runtime. By default a filtered call kills the process with SIGSYS; set SystemCallErrorNumber=EPERM in the same unit if the service should see a failed call instead.
# Verify the running kernel version and whether either vulnerable configuration is built in
# (the anchored pattern avoids matching unrelated CONFIG_PREEMPT_* options)
uname -r
grep -E '^CONFIG_(PREEMPTION|RCU_STRICT_GRACE_PERIOD)=' /boot/config-$(uname -r)
# On kernels with CONFIG_IKCONFIG_PROC, the same check against the running kernel's own config:
zcat /proc/config.gz | grep -E '^CONFIG_(PREEMPTION|RCU_STRICT_GRACE_PERIOD)='
# Example systemd drop-in denying open_by_handle_at for an untrusted service
# (place under /etc/systemd/system/<unit>.service.d/ and run systemctl daemon-reload)
[Service]
SystemCallFilter=~open_by_handle_at
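For fleet-wide triage (the "track kernel package versions" and "prioritize patching" items above), the manual grep can be wrapped in a function that classifies any kernel config file. The following is an added example and not code from the advisory or the kernel project; it keys on the same two build options the upstream description names, treats only an explicit "=y" as exposure (so "# CONFIG_PREEMPTION is not set" lines do not count), and accepts either a plain config or a gzip-compressed one such as /proc/config.gz. The sample config files it writes are constructed for the dry run and are not copied from any distribution kernel.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a kernel .config for CVE-2026-53341
# exposure. Upstream says the race is only reachable with CONFIG_PREEMPTION=y or
# CONFIG_RCU_STRICT_GRACE_PERIOD=y, so that is the build-time test applied here.

# Print a kernel config as plain text. Accepts a path to a plain config or a .gz file
# (e.g. /proc/config.gz); with no argument, tries /proc/config.gz, then /boot/config-$(uname -r).
read_kconfig() {
    f="${1:-}"
    if [ -z "$f" ]; then
        if [ -r /proc/config.gz ]; then f=/proc/config.gz
        else f="/boot/config-$(uname -r)"; fi
    fi
    case "$f" in
        *.gz) gzip -dc "$f" ;;
        *)    cat "$f" ;;
    esac
}

# Print "exposed" or "not-reachable" for the given config. Exit 0 when exposed, 1 otherwise,
# so the function can gate a patch-priority job. Only "=y" counts; an "is not set" comment
# or "=n" does not.
cve_2026_53341_exposure() {
    if read_kconfig "$1" | grep -qE '^CONFIG_(PREEMPTION|RCU_STRICT_GRACE_PERIOD)=y$'; then
        echo exposed
        return 0
    fi
    echo not-reachable
    return 1
}

# List which of the two options produced the verdict, one per line (empty when none).
cve_2026_53341_reasons() {
    read_kconfig "$1" | grep -E '^CONFIG_(PREEMPTION|RCU_STRICT_GRACE_PERIOD)=y$' || true
}

# Constructed sample configs for a dry run (illustrative, not taken from a real kernel).
# Prints the directory they were written to.
make_sample_configs() {
    dir="$(mktemp -d)"
    # A PREEMPT_DYNAMIC build: CONFIG_PREEMPTION is selected at build time.
    cat > "$dir/preempt-dynamic.config" <<'EOF'
CONFIG_PREEMPT_DYNAMIC=y
CONFIG_PREEMPTION=y
# CONFIG_RCU_STRICT_GRACE_PERIOD is not set
EOF
    # A server build with no forced preemption and no RCU debugging.
    cat > "$dir/server.config" <<'EOF'
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPTION is not set
# CONFIG_RCU_STRICT_GRACE_PERIOD is not set
EOF
    # A debug build, stored compressed the way /proc/config.gz is.
    printf 'CONFIG_PREEMPT_NONE=y\nCONFIG_RCU_STRICT_GRACE_PERIOD=y\n' | gzip -c > "$dir/debug.config.gz"
    echo "$dir"
}

# Usage on the running host (verdict on stdout, exit status 1 when not reachable):
#   cve_2026_53341_exposure && cve_2026_53341_reasons
```

Run with a path argument to classify a config pulled from another host (for example one collected by a configuration-management run), or with no argument to classify the kernel you are on.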
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

