ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
CVE-2026-31694 is a missing bounds check in fs/fuse/readdir.c that lets an unprivileged local user write 24 bytes past a kernel page. A FUSE daemon with namelen=4095 triggers the overflow, which can land on a cached /etc/passwd copy to escalate to root. Fixed in mainline on 20 April 2026.
Tap to vote and see what everyone thinks.
Summary by ByteBrief