24 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: Fix for oops due to invalid pointer for kfree in parselongname This fix addresses a kernel oops that occurs when reading ceph snapshot directories .snap. For example, simply running ls /mnt/myceph/.snap can cause the issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects a NUL-terminated string. … And parselongname does not guarantee this. That’s why it uses kmemdupnul to create a NUL-terminated copy of the string for kstrtou64; The problem is that kstrtou64...
CLSA-2026-1776701249 libssh: Fix of CVE-2026-0968
CVE-2026-0968: sanitize input handling in sftpparselongname to prevent OOB read when processing malformed SFTP longname fields, add unit tests...
CLSA-2026-1776362968 Fix CVE(s): CVE-2026-0968
SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...
CLSA-2026-1776361748 Fix CVE(s): CVE-2026-0968
SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...
UBUNTU-CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201
CVE-2026-23201: Linux kernel fix for ceph oops due to invalid pointer in kfree() within parse_longname(). Root cause was advancing the pointer to skip the initial '_' in ceph snapshot names, causing kfree() to receive an invalid pointer when listing .snap directories. The patch eliminates the poi...
CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
PT-2026-8209
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Ceph implementation where an invalid pointer is passed to the kfree function within the parse longname function. This occurs when reading Ceph snapsho...
EUVD-2025-25542
Malicious code in bioql PyPI...
[ceph] parse_longname(): strrchr() expects NUL-terminated string
...
Linux Distros Unpatched Vulnerability : CVE-2025-38660
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not...
CVE-2025-38660
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...
CVE-2025-38660
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...
AZL-66584 CVE-2025-38660 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...
UBUNTU-CVE-2025-38660
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...