Lucene search
K

2923 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.9 views

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

7.5CVSS5.6AI score0.0049EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.16 views

EUVD-2026-32405

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

5.7AI score0.0049EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:56 p.m.30 views

CVE-2026-46024

CVE-2026-46024 targets the Linux kernel libceph component, where a CEPH_MSG_AUTH_REPLY containing zero values for both protocol and result could lead to a null pointer dereference due to ac->ops being NULL after faulty auth handling. The root cause is that a too-permissive check allowed ac-&gt...

7.5CVSS5.7AI score0.0049EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:56 p.m.9 views

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

7.5CVSS5.7AI score0.0049EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the numops counter when encrypted allocation fails in Ceph, potentially leading to...

5.8AI score0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46066

ceph: fix numops off-by-one when crypto allocation fails...

5.8AI score0.00121EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46066

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the...

5.5CVSS6AI score0.00121EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43891

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur in the ceph handle auth reply function within libceph. This happens when a message of type 'CEPH MSG AUTH REPLY' contains zero values for both the...

7.5CVSS5.9AI score0.0049EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-46052

ceph: only dadd negative dentries when they are unhashed...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-43919

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Ceph component of the Linux kernel where d add can be called on a negative dentry that is already present in the primary dcache hash. This occurs because certain...

7.5CVSS6AI score0.00501EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the dadd operation in Ceph. This operation may cause hashed negative directory entries to be...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of a message where both the protocol and the result are zero in the cephhandleauthrep...

7.5CVSS5.8AI score0.0049EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43946

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A null-pointer dereference occurs in the rbd module when device add disk fails after device add has successfully published the device. In this scenario, the error path triggers a double...

5.5CVSS5.9AI score0.00138EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: only dadd negative dentries when they are unhashed Ceph can call dadddentry, NULL on a negative dentry that is already present in the primary dcache hash...

7.5CVSS6AI score0.00501EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.33 views

Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

9.8CVSS6.7AI score0.0071EPSS
Exploits0References190
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: ceph (UTSA-2026-016657)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016657 advisory. A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers vi...

6.5CVSS6.4AI score0.01627EPSS
Exploits0References4
OSV
OSV
added 2026/05/21 4:33 p.m.7 views

RXSA-2026:13565 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state CVE-2026-23136 kernel: Linux kernel: Use-after-free in traffic control actct may lead to denial of...

7.8CVSS6.1AI score0.96267EPSS
Exploits229References6
RedHat Linux
RedHat Linux
added 2026/05/20 2:0 p.m.10 views

kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state

A flaw was found in the Linux kernel's libceph OSD client. When a connection fault occurs during a sparse read, the sparse-read state is not properly reset. This allows a misbehaving or compromised Ceph OSD server, or a network adversary, to disrupt traffic. As a result, the client can misinterpr...

7.5CVSS5.8AI score0.0028EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/20 2:0 p.m.13 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: Do not leak snaprwsem when handlecapgrant is called on an IMPORT operation. When handlecapgrant is called on an IMPORT operation, the snaprwsem resource is held, and the function is expected to release it before returning...

5.5CVSS6.1AI score0.00159EPSS
Exploits0References2
Rows per page
Query Builder