EUVD-2026-38825

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential null-ptr-deref in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. When decoding this CRUSH map in crushdecode, an array of maxbuckets CRUSH buckets is...

EUVD-2026-38822

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain chooseargs that get decoded in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: freechooseargmap has been made resistant to partial allocations that may lead to NULL pointer dereferencing. freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in...

CVE-2026-22991

In the Linux kernel, the following vulnerability has been resolved: libceph: make freechooseargmap resilient to partial allocation freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decodechooseargs, if allocation of argmap-args fails,...

PT-2026-4491

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The free choose arg map function may dereference a NULL pointer if its caller fails after a partial allocation. Specifically, in the decode choose args function, if the allocation of arg...