{
  "public_date" : "2026-05-01T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: ksmbd: use check_add_overflow() to prevent u16 DACL size overflow",
    "id" : "2464482",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2464482"
  },
  "cwe" : "CWE-190",
  "details" : [ "A flaw was found in the ksmbd component of the Linux kernel. This vulnerability arises from an integer overflow when handling Access Control List (ACL) sizes. When a file is configured with a large number of POSIX ACL entries, the system's calculation of the accumulated size can exceed its designated memory, leading to incorrect pointer arithmetic. This can result in the corruption of the buffer, causing existing ACL entries to be overwritten and potentially leading to data integrity issues or system instability." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-31704\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31704\nhttps://lore.kernel.org/linux-cve-announce/2026050120-CVE-2026-31704-1144@gregkh/T" ],
  "name" : "CVE-2026-31704",
  "csaw" : false
}