CVE-2026-43350

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the SMB client where the parse dacl() function incorrectly handles Access Control Entry (ACE) SIDs. The function treats an ACE SID matching sid unix NFS mode as an NFS mode SID and attempts to read sid.sub auth[2] to recover mode bits. However, because compare sids() only compares the minimum number of subauthorities between two SIDs, a malicious server can provide an ACE with only two subauthorities that still matches sid unix NFS mode. This leads to an out-of-bounds read, where the system reads four bytes past the end of the ACE.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.