Signed to Unsigned Conversion Error in Linux kernel - CVE-2026-43405
Published: May 8, 2026
Vulnerability identifier: #VU130772
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-43405
CWE-ID: CWE-195
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper handling of signedness conversion in ceph_monmap_decode() when parsing an incoming monitor map message. A remote attacker can send a specially crafted message with a very large num_mon value to cause a denial of service.
The issue can trigger an attempt to allocate an excessively large chunk of memory and results in -ENOMEM being returned instead of rejecting the input as invalid.
How to mitigate CVE-2026-43405
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/08bc6173fd611ad5a40f472bf5f15b92aea0fe40
- https://git.kernel.org/stable/c/5f2806684b05bd24d05c091083b8e2517ba8ffac
- https://git.kernel.org/stable/c/770444611f047dbfd4517ec0bc1b179d40c2f346
- https://git.kernel.org/stable/c/86f7060cd638d6eb042e8ed780fb83a59ca0dcb3
- https://git.kernel.org/stable/c/b268984ae88cb0dcd7a8e8263962c748448e26e8
- https://git.kernel.org/stable/c/ba0a4df8c563536857dcbf7b4dbd0f2a15f57ace
- https://git.kernel.org/stable/c/ee5588e2bc41acb73f6676c0520420c107cd0140