CVE-2026-31704

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description In the ksmbd module, the functions set posix acl entries dacl() and set ntacl dacl() accumulate Access Control Entry (ACE) sizes using u16 variables. When a file contains numerous POSIX ACL entries, the accumulated size can exceed 65535, leading to an integer overflow. This causes pointer arithmetic to point to previously written ACEs, resulting in subsequent writes overwriting earlier entries and the pndacl->size variable receiving a truncated value.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.