SB20260529179 - Out-of-bounds read in Linux kernel ceph
Published: May 29, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2026-46119)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in libceph auth message processing when handling a crafted CEPH_MSG_AUTH_REPLY message. A remote attacker can send a specially crafted auth reply message to disclose sensitive information.
The issue occurs when a positive result value is misinterpreted as the size of the front segment to send, which can cause memory beyond the allocated buffer to be transmitted.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1c439de70b1c3eb3c6bffa8245c16b9fc318f114
- https://git.kernel.org/stable/c/2ae0afd98432536562fa8261538ae795446f0589
- https://git.kernel.org/stable/c/408e85ee708b6aa03eeb0220ffa0915f4d407181
- https://git.kernel.org/stable/c/8517b6c8d2c759918ba0058cb6c7e14d59643202
- https://git.kernel.org/stable/c/b7df9fbd4869fdfe09a3f501ffd228486521e062