SB20260508125 - Integer overflow in Linux kernel ceph
Published: May 8, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Integer overflow (CVE-ID: CVE-2026-43407)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an integer overflow leading to an out-of-bounds read in ceph_handle_auth_reply() when processing a CEPH_MSG_AUTH_REPLY message. A remote attacker can send a specially crafted CEPH_MSG_AUTH_REPLY message to disclose sensitive information.
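The bug class described above (CWE-190 in a length check that guards a read), shown as an added example that is not the kernel's ceph_handle_auth_reply() code. The message layout, function names and sample bytes are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed layout (an assumption, not the Ceph wire format):
 * [u32 little-endian payload_len][payload bytes ...] */
static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Weak check: hdr + payload_len is computed in 32 bits and can wrap,
 * so a huge length yields a small sum that passes the comparison. */
static int length_ok_weak(const uint8_t *msg, uint32_t msg_len)
{
    uint32_t hdr = 4;
    if (msg_len < hdr)
        return 0;
    uint32_t payload_len = read_le32(msg);
    return hdr + payload_len <= msg_len;   /* wraps modulo 2^32 */
}

/* Hardened check: compare the length against the bytes remaining;
 * the subtraction cannot wrap because msg_len >= hdr was checked. */
static int length_ok_hardened(const uint8_t *msg, uint32_t msg_len)
{
    uint32_t hdr = 4;
    if (msg_len < hdr)
        return 0;
    uint32_t payload_len = read_le32(msg);
    return payload_len <= msg_len - hdr;
}

/* Constructed sample messages: one well-formed, one with a length
 * field chosen so that hdr + payload_len wraps to zero. */
static const uint8_t msg_valid[8]   = { 4, 0, 0, 0, 'a', 'b', 'c', 'd' };
static const uint8_t msg_wrapped[8] = { 0xfc, 0xff, 0xff, 0xff, 0, 0, 0, 0 };

int main(void)
{
    printf("valid:   weak=%d hardened=%d\n",
           length_ok_weak(msg_valid, 8), length_ok_hardened(msg_valid, 8));
    printf("wrapped: weak=%d hardened=%d\n",
           length_ok_weak(msg_wrapped, 8), length_ok_hardened(msg_wrapped, 8));
    return 0;
}
```

The weak check accepts the wrapped length, so any later read of `payload_len` bytes would run past the buffer; the hardened check rejects it.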
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/6cee34d6669fe176b4259131adb1a145c939b472
- https://git.kernel.org/stable/c/8bb87547e92dcf0928ed763c60e0ac8d733c3656
- https://git.kernel.org/stable/c/9f9e2297f45fc2d2524eb104c289d69ddef95665
- https://git.kernel.org/stable/c/b282c43ed156ae15ea76748fc15cd5c39dc9ab72
- https://git.kernel.org/stable/c/ea080b21092590122c3f971cf588932cdbf47847
- https://git.kernel.org/stable/c/ed024d2f4c79c0eb2464df0fb640610ac301f9a0
- https://git.kernel.org/stable/c/edc678e5cd11730a2834b43071d8923f05bc334d
- https://git.kernel.org/stable/c/f9da5c1bbac5c8e33259fe00ed7347438fffa969