Out-of-bounds read in Linux kernel - CVE-2026-43490
Published: May 15, 2026
Vulnerability identifier: #VU131584
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-43490
CWE-ID: CWE-125
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read and out-of-bounds write in smb_inherit_dacl() when processing a parent directory DACL from the security descriptor xattr during ACE inheritance. A remote user can provide a malformed inheritable ACE with an invalid SID length to cause a denial of service.
The issue occurs because the ACE can advertise more SID subauthorities than are actually present, which can lead to reads past the ACE and incorrect inherited ACE size accounting.
How to mitigate CVE-2026-43490
Install security update from vendor's repository.