Buffer Overflow Risk in Linux Kernel Due to DACL Size Mismanagement
CVE-2026-31704
What is CVE-2026-31704?
A vulnerability in the Linux kernel's ksmbd component involves incorrect handling of DACL size accumulation. The functions set_posix_acl_entries_dacl() and set_ntacl_dacl() use u16 variables to keep track of ACE sizes. When many POSIX ACL entries are present, the accumulated size can overflow, so that entries overlap in memory and earlier entries may be unintentionally overwritten. The fix adds check_add_overflow() to the size accumulation, which prevents buffer corruption and preserves the integrity of ACL entries.
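The overflow described above, as an added example that is not ksmbd code: a u16 running total summed over many entries, first unchecked and then guarded with __builtin_add_overflow(), the compiler builtin that the kernel's check_add_overflow() wraps. The helper names, the 28-byte entry size and the entry count are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed per-entry size in bytes; not a value taken from ksmbd. */
#define SAMPLE_ACE_SIZE 28u

/* Hypothetical helper: unchecked u16 running total, wraps modulo 65536. */
uint16_t accumulate_unchecked(size_t n_entries, uint16_t ace_size)
{
    uint16_t total = 0;

    for (size_t i = 0; i < n_entries; i++)
        total = (uint16_t)(total + ace_size); /* silent truncation */
    return total;
}

/* Hypothetical helper: checked total, fails on the first add that does not fit. */
bool accumulate_checked(size_t n_entries, uint16_t ace_size, uint16_t *total)
{
    uint16_t sum = 0;

    for (size_t i = 0; i < n_entries; i++) {
        if (__builtin_add_overflow(sum, ace_size, &sum))
            return false; /* example policy: stop and report an error */
    }
    *total = sum;
    return true;
}

int main(void)
{
    uint16_t total = 0;
    size_t n = 2341; /* constructed count: 2341 * 28 = 65548 > 65535 */

    printf("unchecked total for %zu entries: %u\n", n,
           (unsigned)accumulate_unchecked(n, SAMPLE_ACE_SIZE));
    if (!accumulate_checked(n, SAMPLE_ACE_SIZE, &total))
        printf("checked: overflow detected, total not used\n");
    return 0;
}
```

With the unchecked total, a size that should exceed 65535 comes back as a small number, which is how a later write offset can land on top of earlier entries.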
Affected Version(s)
Linux e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 8d5729350b236896f51379588d9a690b7fafb8db
Linux e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9
Linux e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 < 5e7b8f3c539d69b2ed5f2408e2f75e68ce7eef43