Improper Check or Handling of Exceptional Conditions in Linux kernel - CVE-2026-53174
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper error handling in ovl_iterate_merged() in fs/overlayfs/readdir.c when processing readdir operations on overlay-on-overlay directories. A local user can trigger nested directory iteration to cause a denial of service.
The issue is reachable through overlay-on-overlay readdir via getdents64.