CVE-2026-8449

Summary

Linux ksmbd contains a remote memory corruption vulnerability in the ACL inheritance path that allows remote clients with directory creation permissions to trigger a heap out-of-bounds read and subsequent heap corruption by setting a crafted DACL with a malformed SID containing an inflated num_subauth field. Attackers can exploit this vulnerability by creating a directory, setting the malicious DACL via SMB2_SET_INFO, and creating child entries to cause kernel instability, denial of service, or potentially achieve privilege escalation to kernel code execution.

Affected Software

VendorProductVersion RangeStatus
Linuxksmbd0 <= 996454baffected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

References