78 matches found
SUSE CVE-2026-46066
In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...
CVE-2026-46066
A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service DoS for the...
PT-2026-43933
In the Linux kernel, the following vulnerability has been resolved: ceph: fix num ops off-by-one when crypto allocation fails move dirty folio in page array may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephmdsauthmatch We now free the temporary target path substring allocation on every possible branch, instead of omitting the default branch. In some cases, a memory leak occured, which could rapidly cras...
ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS
A vulnerability in Ceph was discovered whereby an unprivileged user could change the permissions of a directory owned by the root user, gaining access to the targeted directory. The non-privileged user can escalate privileges to root in a CephFS mounted with ceph-fuse by applying chmod 777 read,...
SUSE CVE-2026-23189
In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...
CVE-2026-23189
In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...
CVE-2026-23201
CVE-2026-23201: Linux kernel fix for ceph oops due to invalid pointer in kfree() within parse_longname(). Root cause was advancing the pointer to skip the initial '_' in ceph snapshot names, causing kfree() to receive an invalid pointer when listing .snap directories. The patch eliminates the poi...
CVE-2026-23201 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23189
In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...
CVE-2026-23189 ceph: fix NULL pointer dereference in ceph_mds_auth_match()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...
CVE-2026-23189 ceph: fix NULL pointer dereference in ceph_mds_auth_match()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...
Linux Distros Unpatched Vulnerability : CVE-2026-23189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsna...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
PT-2026-8209
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Ceph implementation where an invalid pointer is passed to the kfree function within the parse longname function. This occurs when reading Ceph snapsho...