Product

Ksmbd

3 briefs RSS

CVE-2026-43490: ksmbd inherited ACE SID length validation vulnerability

Microsoft published information about CVE-2026-43490, a vulnerability in ksmbd related to the validation of inherited ACE SID length.

ksmbd ACE SID CVE-2026-43490 vulnerability

2r 1c May 16, 2026

high advisory

CVE-2026-8449: Linux ksmbd Remote Memory Corruption Vulnerability

2 rules 3 TTPs 1 CVE

A remote memory corruption vulnerability exists in Linux ksmbd that allows remote clients with directory creation permissions to trigger a heap out-of-bounds read and subsequent heap corruption by setting a crafted DACL with a malformed SID, potentially leading to kernel instability, denial of service, or privilege escalation.

ksmbd privilege-escalation defense-evasion impact memory corruption

2r 3t 1c May 12, 2026

high advisory

CVE-2026-31478 Vulnerability in Microsoft ksmbd

2 rules 3 TTPs 1 CVE

CVE-2026-31478 is a vulnerability in Microsoft's ksmbd implementation related to incorrect calculation of maximum output buffer length, potentially leading to a denial-of-service or remote code execution.

ksmbd cve smb memory-corruption

2r 3t 1c Apr 23, 2026