GHSA-9hm7-v4rj-6wqj · Severity: high — In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited...
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smb_inherit_dacl() walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that the variable-length SID described by sid.num_subauth is fully contained in the ACE. A malformed inheritable ACE can advertise more subauthorities than are present in the ACE. compare_sids() may then read past the ACE. smb_set_ace() also clamps the copied destination SID, but used the unchecked source SID count to compute the inherited ACE size. That could advance the temporary inherited ACE buffer pointer and nt_size accounting past the allocated buffer. Fix this by validating the parent ACE SID count and SID length before using the SID during inheritance. Compute the inherited ACE size from the copied SID so the size matches the bounded destination SID. Reject the inherited DACL if size accumulation would overflow smb_acl.size or the security descriptor allocation size.
Conclusion & alert: CVE-2026-43490 is rated Low Risk (36.9/100): CVSS High severity, with low exploitation likelihood (EPSS 0.02%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-05-15 | — | 0.02% | — |
Full EPSS history (1 record total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 8.8 | 3.1 | HIGH |
|
2.8 | 5.9 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
GHSA-9hm7-v4rj-6wqj · Severity: high — In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited...
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
unimportant | CVE-2026-43490 unimportant priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 4, open 1. | https://security-tracker.debian.org/tracker/CVE-2026-43490 |
redhat
|
— | — | https://access.redhat.com/security/cve/CVE-2026-43490 |
suse
|
medium | CVE-2026-43490 severity moderate: SUSE including 19 source package names (cluster-md-kmp-default, dlm-kmp-default, …), 125 product×package rows across 24 product lines (SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS, SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS, … (24 product lines)): Known Not Affected 125. | https://www.suse.com/security/cve/CVE-2026-43490/ |
ubuntu
|
medium | CVE-2026-43490 medium priority: Ubuntu including 161 source packages (linux, linux-allwinner-5.19, …), 1449 status rows across 9 suites (bionic, focal, jammy, noble, questing, resolute, trusty, upstream, xenial): DNE 1048, ignored 169, needed 98, released 83, not-affected 45, needs-triage 6. | https://ubuntu.com/security/CVE-2026-43490 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| No affected products in dataset. | |||