๐Ÿ” CVE Alert

CVE-2026-43350

HIGH 7.6

smb: client: require a full NFS mode SID before reading mode bits

CVSS Score
7.6
EPSS Score
0.2%
EPSS Percentile
12th

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parse_dacl() treats an ACE SID matching sid_unix_NFS_mode as an NFS mode SID and reads sid.sub_auth[2] to recover the mode bits. That assumes the ACE carries three subauthorities, but compare_sids() only compares min(a, b) subauthorities. A malicious server can return an ACE with num_subauth = 2 and sub_auth[] = {88, 3}, which still matches sid_unix_NFS_mode and then drives the sub_auth[2] read four bytes past the end of the ACE. Require num_subauth >= 3 before treating the ACE as an NFS mode SID. This keeps the fix local to the special-SID mode path without changing compare_sids() semantics for the rest of cifsacl.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published May 8, 2026
Last Updated Jun 19, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Linux / Linux
e2f8fbfb8d09c06decde162090fac3ee220aa280 < 23b54d6cc3ef30a51d984dc74364f24039ae2ecb e2f8fbfb8d09c06decde162090fac3ee220aa280 < 1592a6cd6f653f2d24572a6976c7a775b19f4940 e2f8fbfb8d09c06decde162090fac3ee220aa280 < 8bd4cad3f458d11650d51c2d24b03fb1770ae6cc e2f8fbfb8d09c06decde162090fac3ee220aa280 < b53b8e98c23310294fc45fc686db5ee860311896 e2f8fbfb8d09c06decde162090fac3ee220aa280 < c8eef12af1cc73031639ea7cf16e0b10e2536b0b e2f8fbfb8d09c06decde162090fac3ee220aa280 < 38a69f08ee82c450d3e4168707fff2e317dc3ff7 e2f8fbfb8d09c06decde162090fac3ee220aa280 < f8488c07bea2431ee12a6067d736578064fa46b4 e2f8fbfb8d09c06decde162090fac3ee220aa280 < 2757ad3e4b6f9e0fed4c7739594e702abc5cab21
Linux / Linux
5.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/23b54d6cc3ef30a51d984dc74364f24039ae2ecb git.kernel.org: https://git.kernel.org/stable/c/1592a6cd6f653f2d24572a6976c7a775b19f4940 git.kernel.org: https://git.kernel.org/stable/c/8bd4cad3f458d11650d51c2d24b03fb1770ae6cc git.kernel.org: https://git.kernel.org/stable/c/b53b8e98c23310294fc45fc686db5ee860311896 git.kernel.org: https://git.kernel.org/stable/c/c8eef12af1cc73031639ea7cf16e0b10e2536b0b git.kernel.org: https://git.kernel.org/stable/c/38a69f08ee82c450d3e4168707fff2e317dc3ff7 git.kernel.org: https://git.kernel.org/stable/c/f8488c07bea2431ee12a6067d736578064fa46b4 git.kernel.org: https://git.kernel.org/stable/c/2757ad3e4b6f9e0fed4c7739594e702abc5cab21