10 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: It is required that the ACE size be of a minimum value in smbcheckpermdacl. Both ACE-walking loops in smbcheckpermdacl only protect against a remaining buffer being undersized, but not against an ACE whose declared ace-siz...
Linux kernel smb_check_perm_dacl function out-of-bounds read vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds read vulnerability. The vulnerability stems from insufficient ACE size validation in the smbcheckpermdacl function of ksmbd, whic...
CVE-2026-31712
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
EUVD-2026-26521
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
CVE-2026-31712
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
CVE-2026-31712
CVE-2026-31712 affects ksmbd in the Linux kernel. A crafted DACL with an undersized ACE can bypass validation in smb_check_perm_dacl(), causing an out-of-bounds read during a subsequent file CREATE. The issue arises when ace->size and the ACE layout permit reading access_req (offset 4) and sid...
CVE-2026-31712
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
CVE-2026-31712 ksmbd: require minimum ACE size in smb_check_perm_dacl()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...
EUVD-2026-26513
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use checkaddoverflow to prevent u16 DACL size overflow setposixaclentriesdacl and setntacldacl accumulate ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size can wrap past 65535, causin...
PT-2026-36342
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the ksmbd component. The smb check perm dacl function fails to properly validate that an Access Control Entry ACE size is sufficient for the structure it...