Listen to this Post
The vulnerability exists within the fuser crate’s implementation of fuse_session_new. This function incorrectly passes a NULL pointer for the `op` parameter, which is expected by the underlying libfuse library to be a valid pointer to a struct containing file system operation callbacks. Instead of pointing to the initialized `fuser::Session` operations, the NULL value is passed directly to libfuse. This violation of libfuse’s API contract causes the library to read function pointers from an uninitialized memory segment, leading to information disclosure through memory leaks. The subsequent use of these uninitialized values as valid function addresses can also cause undefined behavior, including program crashes.
Platform: Linux
Version: fuser crate
Vulnerability: Memory Leak
Severity: Critical
date: 2025-09-15
Prediction: Patch by 2025-09-22
What Undercode Say:
`strace -e trace=file ./fuse_app`
`valgrind –leak-check=full ./target/debug/program`
`gdb -ex “break fuse_session_new” -ex run –args ./target/debug/program`
How Exploit:
Craft a malicious filesystem operation trigger to read uninitialized memory contents from the process, potentially exposing sensitive pointers or data.
Protection from this CVE:
Update fuser crate.
Impact:
Information Disclosure, Denial of Service.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

