187 matches found
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
ALSA-2026:0786 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
ALSA-2026:0793 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/xe: Make dma-fences compliant with the safe access rules CVE-2025-38703 kernel: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength CVE-2025-39933 kernel:...
RLSA-2026:0443 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing...
SUSE CVE-2025-71116
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...
UBUNTU-CVE-2025-71116
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...
CVE-2025-71116 libceph: make decode_pool() more resilient against corrupted osdmaps
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...
CVE-2025-71116 libceph: make decode_pool() more resilient against corrupted osdmaps
In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
RHEL 8 : kernel (RHSA-2026:0444)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0444 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: rc: fix races with...
ALSA-2026:0443 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing...
Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing CVE-2025-40240 kernel: libceph: fix potential use-after-free...
PT-2026-8131
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the libceph component of the Linux kernel where the sparse-read state is not properly reset in the osd fault function when a connection fault occurs. This can lead to th...
EUVD-2025-203797
In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUGON with bounds check for map-maxosd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map-maxosd. idryomov: drop BUGON in cephgetprimaryaffinity, minor cosmet...
CVE-2025-68283
In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUGON with bounds check for map-maxosd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map-maxosd. idryomov: drop BUGON in cephgetprimaryaffinity, minor cosmet...
AZL-72610 CVE-2025-68283 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUGON with bounds check for map-maxosd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map-maxosd. idryomov: drop BUGON in cephgetprimaryaffinity, minor cosmet...
UBUNTU-CVE-2025-68283
In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUGON with bounds check for map-maxosd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map-maxosd. idryomov: drop BUGON in cephgetprimaryaffinity, minor cosmet...