CVE-2026-31706 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: May 3, 2026
Linux Kernel ksmbd - Out of Bounds Read/Write
Published: May 1, 2026Updated: May 3, 2026Remote Exploitable
Overview
Linux kernel ksmbd contains a heap allocation vulnerability caused by unvalidated num_aces value in smb_inherit_dacl(), letting authenticated clients cause large memory allocation and potential overflow, exploit requires tampered parent directory's security.NTACL xattr.
Severity & Score
Severity: High
CVSS Score: 8.8
Impact
Authenticated attackers can cause large memory allocations and potential kernel memory corruption, leading to denial of service or system instability.
Mitigation
Update to the latest Linux kernel version containing the patch that validates num_aces and hardens ACE walk in smb_inherit_dacl().
References
Related Resources
Details
- CVE ID
- CVE-2026-31706
- Severity
- High
- CVSS Score
- 8.8
- Type
- out_of_bounds_rw
- Status
- unconfirmed
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H