CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/06/22 6:28 a.m.•6 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS5.7AI score0.00126EPSS

RedHat Linux•added 2026/06/22 6:28 a.m.•32 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

7.5CVSS5.7AI score0.00341EPSS

Tenable Nessus•added 2026/06/22 12:0 a.m.•5 views

RHEL 9 : kernel (RHSA-2026:27735)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27735 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: libceph: make decodepool more...

9.8CVSS6.6AI score0.00469EPSS

Exploits4References22

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: Replace BUGON with a bounds check for map-maxosd. OSD indexes come from untrusted network packets. Boundaries checks are added to validate these against map-maxosd. idryomov: removed BUGON in cephgetprimaryaffinity, mino...

5.3AI score0.00168EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: libceph: fixed a potential use-after-free in havemonandosdmap The wait loop in cephopensession can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both cephmonchandlemap and...

5.7AI score0.00173EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: The state of sparse-read was reset in osdfault. When a fault occurs, the connection is abandoned, re-established, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a...

7.5CVSS5.7AI score0.0028EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Potential out-of-bounds reads in processmessageheader have been prevented. If the message frame is maliciously corrupted in such a way that the length of the control segment becomes shorter than the size of the message...

9.1CVSS6.1AI score0.00502EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapDecode This patch fixes unnecessary implicit conversions that change the signedness of bloblen and nummon in cephmonmapDecode. Currently, bloblen and nummon are signed int...

7.5CVSS5.6AI score0.0049EPSS

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: Potential out-of-bounds writes have been prevented in the handleauthsessionkey function. The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes...

5.3AI score0.00173EPSS

Exploits0References2

9.8CVSS5.2AI score0.00351EPSS

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: prevented potential out-of-bounds reads in handleauthdone A explicit bounds check was performed on payloadlen to avoid possible out-of-bounds accesses during the callout. idryomov: changelog...

7.1CVSS5.3AI score0.00126EPSS

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: makes decodepool more resilient against corrupted osdmaps. If the osdmap is maliciously corrupted in such a way that the encoded length of the cephpgpool envelope is less than what is expected for a particular encoding...

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Defined and enforced the CEPHMAXKEYLEN. When decoding the key, verify that the key material fits into a fixed-size buffer in processauthdone, and that its length is reasonable. The new CEPHMAXKEYLEN check replaces the...

9.8CVSS5.8AI score0.00502EPSS

RedHat Linux•added 2026/06/17 12:5 p.m.•10 views

kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()

9.8CVSS5.5AI score0.00351EPSS

RedHat Linux•added 2026/06/17 12:5 p.m.•13 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

9.8CVSS5.6AI score0.00469EPSS

Exploits4References19

RedHat Linux•added 2026/06/17 12:5 p.m.•7 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

7.5CVSS5.4AI score0.00341EPSS

RedHat Linux•added 2026/06/17 6:53 a.m.•5 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

7.5CVSS6.3AI score0.00341EPSS