Lucene search
K

444 matches found

RedhatCVE
RedhatCVE
added 2026/05/08 10:26 p.m.11 views

CVE-2026-43405

A flaw was found in the libceph component of the Linux kernel. This vulnerability occurs in the cephmonmapdecode function due to incorrect handling of non-negative values, where int variables are used instead of u32 for bloblen and nummon. An attacker could exploit this by sending a specially...

7.5CVSS5.8AI score0.0049EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/08 6:46 p.m.10 views

CVE-2026-43304

A flaw was found in the libceph component of the Linux kernel. This vulnerability occurs when the kernel processes authentication keys, specifically in the processauthdone function, where it fails to properly enforce a maximum length for key material. An attacker could exploit this by providing a...

9.8CVSS6AI score0.00502EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28713

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

5.8AI score0.00537EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28712

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

5.7AI score0.00502EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28574

In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPHMAXKEYLEN When decoding the key, verify that the key material would fit into a fixed-size buffer in processauthdone and generally has a sane length. The new CEPHMAXKEYLEN check replaces the existin...

5.8AI score0.00502EPSS
Exploits0References8
NVD
NVD
added 2026/05/08 3:16 p.m.8 views

CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS0.00537EPSS
Exploits0References8
NVD
NVD
added 2026/05/08 3:16 p.m.10 views

CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

9.1CVSS0.00502EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.9 views

CVE-2026-43405

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapdecode This patch fixes unnecessary implicit conversions that change signedness of bloblen and nummon in cephmonmapdecode. Currently bloblen and nummon are signed int variable...

7.5CVSS5.7AI score0.0049EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.9 views

CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

9.1CVSS5.7AI score0.00502EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.10 views

CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS5.8AI score0.00537EPSS
Exploits0References10
OSV
OSV
added 2026/05/08 3:16 p.m.8 views

UBUNTU-CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS5.7AI score0.00537EPSS
Exploits0References23
OSV
OSV
added 2026/05/08 3:16 p.m.6 views

UBUNTU-CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

9.1CVSS5.7AI score0.00502EPSS
Exploits0References21
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.10 views

CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

5.7AI score0.00502EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.8 views

CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

5.8AI score0.00537EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/08 2:21 p.m.34 views

CVE-2026-43407

The CVE-2026-43407 issue affects the Linux kernel libceph component, where a CEPH_MSG_AUTH_REPLY with a large payload_len could trigger an integer overflow and out-of-bounds read. The root cause is storing payload_len and related lengths in int, allowing negative values to underflow pointers. The...

9.1CVSS5.8AI score0.00537EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/08 2:21 p.m.23 views

CVE-2026-43406

CVE-2026-43406 affects the Linux kernel libceph component. The issue is in process_message_header() where, if a message frame is corrupted or misrepresented, an out-of-bounds read may occur due to a missing explicit bounds check before decoding the header. The vulnerability can enable remote expl...

9.1CVSS5.7AI score0.00502EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS5.8AI score0.00537EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.8 views

CVE-2026-43406

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in processmessageheader If the message frame is maliciously corrupted in a way that the length of the control segment ends up being less than the size of the message header or a...

9.1CVSS5.7AI score0.00502EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.5 views

CVE-2026-43405

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapdecode This patch fixes unnecessary implicit conversions that change signedness of bloblen and nummon in cephmonmapdecode. Currently bloblen and nummon are signed int variable...

5.7AI score0.0049EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.30 views

CVE-2026-43405 libceph: Use u32 for non-negative values in ceph_monmap_decode()

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapdecode This patch fixes unnecessary implicit conversions that change signedness of bloblen and nummon in cephmonmapdecode. Currently bloblen and nummon are signed int variable...

7.5CVSS0.0049EPSS
Exploits0References7
Rows per page
Query Builder