Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: corrected the incorrect validation of the numaces field in smbacl. The parsedcal function validates numaces to allocate an array of posixacestatearray. If numaces exceeds ULONGMAX / sizeofstruct smbace++, it results in an...

CVE-2026-31706

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

PT-2026-36336

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ksmbd module where the smb inherit dacl function trusts the num aces value from a parent directory's DACL xattr to determine the size of a heap allocation. An...

DEBIAN-CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

UBUNTU-CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

CVE-2025-21994

CVE-2025-21994 is a Linux kernel vulnerability in the ksmbd module where validation for the num_aces field of smb_acl was incorrect. The advisory notes that parse_dcal() should verify num_aces using the actual buffer size (smb_acl->size) rather than checking against a calculation that could al...