CVE-2026-23201

CVE-2026-23201: Linux kernel fix for ceph oops due to invalid pointer in kfree() within parse_longname(). Root cause was advancing the pointer to skip the initial '_' in ceph snapshot names, causing kfree() to receive an invalid pointer when listing .snap directories. The patch eliminates the poi...

EUVD-2026-5844

In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000845 advisory. net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002268 advisory. net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of...

CVE-2025-68285

CVE-2025-68285 (libceph UAF in ceph map handling) – Summary : The Linux kernel fix addresses a use-after-free race in libceph during session establishment. The issue occurred when waiting for a new monmap/osdmap could race with a still-active map update, allowing dereferencing of freed map data (...

PT-2025-51689

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc2-build2+ 1266 Description The Linux kernel contains a flaw in libceph related to a potential use-after-free condition within the have mon and osd map function. The issue arises from a race condition in...

CVE-2025-39878

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method" by moving code from cephwritepagesstart to this...

CVE-2025-39879 ceph: always call ceph_shift_unused_folios_left()

In the Linux kernel, the following vulnerability has been resolved: ceph: always call cephshiftunusedfoliosleft The function cephprocessfoliobatch sets foliobatch entries to NULL, which is an illegal state. Before foliobatchrelease crashes due to this API violation, the function...

CVE-2025-21737 ceph: fix memory leak in ceph_mds_auth_match()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephmdsauthmatch We now free the temporary target path substring allocation on every possible branch, instead of omitting the default branch. In some cases, a memory leak occured, which could rapidly cras...

CVE-2024-56710 ceph: fix memory leak in ceph_direct_read_write()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephdirectreadwrite The bvecs array which is allocated in itergetbvecsalloc is leaked and pages remain pinned if cephallocsparseextmap fails. There is no need to delay the allocation of sparseext map unti...

RXSA-2023:1566 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...

SUSE CVE-2014-6418

net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service system crash or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor...