Linux kernel smb_check_perm_dacl function out-of-bounds read vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds read vulnerability. The vulnerability stems from insufficient ACE size validation in the smbcheckpermdacl function of ksmbd, whic...

CVE-2026-31712

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds read vulnerability. The vulnerability stems from insufficient ACE size validation in the smbcheckpermdacl function of ksmbd, whic...

EUVD-2022-54863

Malicious code in bioql PyPI...

CVE-2022-49366 ksmbd: fix reference count leak in smb_check_perm_dacl()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

CVE-2022-49366 ksmbd: fix reference count leak in smb_check_perm_dacl()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

CVE-2022-49366

CVE-2022-49366 affects ksmbd in the Linux kernel. The vulnerability arises in smb_check_perm_dacl() when id and uid have the same value, causing a path to exit the loop without decrementing the reference count of the posix_acls object (increased by get_acl()), which may lead to memory leaks. The ...

GSD-2022-1003292 ksmbd: fix reference count leak in smb_check_perm_dacl()

ksmbd: fix reference count leak in smbcheckpermdacl This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by commit...