Lucene search
+L

28 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 11:12 p.m.7 views

CVE-2026-52956

A flaw was found in the Linux kernel's libceph module. A remote attacker could trigger an out-of-bounds memory access in the cephxdecrypt function by sending a specially crafted message frame of type FRAMETAGAUTHREPLYMORE with a small ciphertext length. This vulnerability arises because the...

7.5CVSS6.1AI score0.00359EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38824

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field of this struct is accessed. This happens without any guarantee that t...

5.9AI score0.00359EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 8:20 p.m.11 views

CVE-2026-46119

A flaw was found in the Linux kernel's libceph component. A remote attacker could exploit this vulnerability by sending a specially crafted CEPHMSGAUTHREPLY message. When the message's result field contains a positive value, it can be misinterpreted as a buffer size, leading to a slab-out-of-boun...

9.1CVSS5.9AI score0.00525EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 9:35 a.m.1 views

CVE-2026-46119 libceph: Fix slab-out-of-bounds access in auth message processing

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

9.1CVSS6AI score0.00525EPSS
Exploits0References10
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:11 a.m.9 views

libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()

...

7.5CVSS5.4AI score0.0049EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.12 views

SUSE CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

6.5CVSS5.7AI score0.0049EPSS
Exploits0References14
NVD
NVD
added 2026/05/27 2:17 p.m.15 views

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

7.5CVSS0.0049EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.10 views

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

7.5CVSS5.6AI score0.0049EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.19 views

EUVD-2026-32405

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

5.7AI score0.0049EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:56 p.m.33 views

CVE-2026-46024

CVE-2026-46024 targets the Linux kernel libceph component, where a CEPH_MSG_AUTH_REPLY containing zero values for both protocol and result could lead to a null pointer dereference due to ac->ops being NULL after faulty auth handling. The root cause is that a too-permissive check allowed ac-&gt...

7.5CVSS5.7AI score0.0049EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.49 views

CVE-2026-46024 libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

7.5CVSS0.0049EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43891

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur in the ceph handle auth reply function within libceph. This happens when a message of type 'CEPH MSG AUTH REPLY' contains zero values for both the...

7.5CVSS5.9AI score0.0049EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this ...

7.5CVSS6.5AI score0.0049EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28713

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

5.8AI score0.00537EPSS
Exploits0References9
NVD
NVD
added 2026/05/08 3:16 p.m.9 views

CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS0.00537EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.11 views

CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS5.8AI score0.00537EPSS
Exploits0References33
OSV
OSV
added 2026/05/08 3:16 p.m.10 views

UBUNTU-CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS5.7AI score0.00537EPSS
Exploits0References34
OSV
OSV
added 2026/05/08 2:21 p.m.1 views

CVE-2026-43407 libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS6.2AI score0.00537EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS5.8AI score0.00537EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.36 views

CVE-2026-43407 libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

9.1CVSS0.00537EPSS
Exploits0References8
Rows per page
Query Builder