Improper access control in Linux kernel - CVE-2026-52944
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote user to bypass permission checks and modify file sparse attributes.
The vulnerability exists due to improper access control in fsctl_set_sparse() when handling FSCTL_SET_SPARSE requests. A remote user can send a crafted FSCTL_SET_SPARSE request on an opened file to bypass permission checks and modify file sparse attributes.
The issue affects both clients on read-only shares and clients on writable shares that lack FILE_WRITE_DATA or FILE_WRITE_ATTRIBUTES access.