5 matches found
CVE-2026-43490
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...
CVE-2026-43490
The CVE-2026-43490 entry concerns the Linux kernel ksmbd SMB server. The flaw arises in smb_inherit_dacl() where the code validates a fixed SID header but not the variable-length SID described by sid.num_subauth, allowing a malformed inheritable ACE to advertise more subauthorities than present. ...
EUVD-2026-30503
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...
Linux Distros Unpatched Vulnerability : CVE-2026-43490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE...
PT-2026-41267
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, the smb inherit dacl function fails to verify that the variable-length Security Identifier SID described by sid.num subauth is fully contained within the Access...