2919 matches found
kernel: libceph: make decode_pool() more resilient against corrupted osdmaps
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7107: Backport to 4.18.z CLONE - ODF Console is breaking DFBUGS-7064: RHODF 4.18.24 release DFBUGS-7046:...
Important: Red Hat Security Advisory: New container image: rhceph-9.0
A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 9.0. This release updates to the latest version...
kernel: libceph: make decode_pool() more resilient against corrupted osdmaps
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...
Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7495-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7495-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
Critical: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781 kernel: nbd: defer config unlock in nbdgenlconnect...
EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-2132)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...
EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...
[SECURITY] [DSA 6321-1] ceph security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6321-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 03, 2026 https://www.debian.org/security/faq -...
Debian dsa-6321 : ceph - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6321 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6321-1 [email protected]...
libceph: Fix slab-out-of-bounds access in auth message processing
...
kernel security update
An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RLSA-2026:19568 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...
kernel: libceph: make decode_pool() more resilient against corrupted osdmaps
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...
libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()
...
ceph: only d_add() negative dentries when they are unhashed
...
SUSE CVE-2026-46024
In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...
SUSE CVE-2026-46052
In the Linux kernel, the following vulnerability has been resolved: ceph: only dadd negative dentries when they are unhashed Ceph can call dadddentry, NULL on a negative dentry that is already present in the primary dcache hash. In the current VFS that is not safe. dadd goes through dadd to...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...
CVE-2026-46052
A flaw was found in the Linux kernel's Ceph filesystem. A local user or process interacting with the Ceph filesystem could trigger a dcache hash corruption when a negative dentry is incorrectly re-added to the dcache hash while it is already present. This can cause the system to experience an RCU...