Integer overflow in Linux kernel - CVE-2026-43407
Published: May 8, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an integer overflow leading to an out-of-bounds read in ceph_handle_auth_reply() when processing a CEPH_MSG_AUTH_REPLY message. A remote attacker can send a specially crafted CEPH_MSG_AUTH_REPLY message to disclose sensitive information.
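The advisory names the bug class (an integer overflow that defeats a length check, leading to an out-of-bounds read) but not the code. The following is an added illustration of that defect class in general, written for this page; it is not the Linux kernel's ceph code, does not reproduce the real CEPH_MSG_AUTH_REPLY layout, and uses a constructed 4-byte length-prefixed message format and hypothetical function names. It shows why computing `offset + len` in the width of the attacker-controlled length lets a huge length wrap past the check, and the overflow-safe form of the same comparison that the fix for such bugs typically takes.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical message layout, constructed for this example (not the real
 * Ceph wire format): a 4-byte little-endian payload length followed by the
 * payload bytes. */
static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Defective pattern: the end offset is computed in the same 32-bit width as
 * the untrusted length, so a length close to UINT32_MAX wraps 'end' to a
 * small value and the bounds check passes even though the payload would
 * extend far beyond the buffer. Returns the payload length the check would
 * have accepted, or -1 if the message was rejected. */
static int64_t bounds_check_unsafe(const uint8_t *buf, uint32_t buf_len)
{
    if (buf_len < 4)
        return -1;
    uint32_t len = read_le32(buf);
    uint32_t end = 4 + len;          /* wraps when len >= 0xFFFFFFFC */
    if (end > buf_len)               /* defeated by the wrap */
        return -1;
    return (int64_t)len;             /* caller would now read 'len' bytes OOB */
}

/* Hardened pattern: compare the untrusted length against the space that is
 * actually left. 'buf_len - 4' cannot underflow after the first check, and
 * no arithmetic is performed on the attacker-controlled value. */
static int64_t bounds_check_safe(const uint8_t *buf, uint32_t buf_len)
{
    if (buf_len < 4)
        return -1;
    uint32_t len = read_le32(buf);
    if (len > buf_len - 4)
        return -1;
    return (int64_t)len;
}

/* Constructed sample messages (not captured traffic). */
static const uint8_t SAMPLE_VALID[8]   = {0x03, 0, 0, 0, 'a', 'b', 'c', 0};     /* len = 3 */
static const uint8_t SAMPLE_CRAFTED[8] = {0xFE, 0xFF, 0xFF, 0xFF, 0, 0, 0, 0};  /* len = 0xFFFFFFFE */

int main(void)
{
    printf("valid   unsafe=%lld safe=%lld\n",
           (long long)bounds_check_unsafe(SAMPLE_VALID, 8),
           (long long)bounds_check_safe(SAMPLE_VALID, 8));
    printf("crafted unsafe=%lld safe=%lld\n",
           (long long)bounds_check_unsafe(SAMPLE_CRAFTED, 8),
           (long long)bounds_check_safe(SAMPLE_CRAFTED, 8));
    return 0;
}
```

The point to carry into review of any message parser: never add an untrusted length to an offset before comparing; subtract the offset from the known buffer size instead, or use a checked-add helper, so the comparison cannot wrap. For a kernel module such as this one, the practical mitigation is the stable patches listed under Sources; the example only explains what they are guarding against.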
How to mitigate CVE-2026-43407
Sources
- https://git.kernel.org/stable/c/6cee34d6669fe176b4259131adb1a145c939b472
- https://git.kernel.org/stable/c/8bb87547e92dcf0928ed763c60e0ac8d733c3656
- https://git.kernel.org/stable/c/9f9e2297f45fc2d2524eb104c289d69ddef95665
- https://git.kernel.org/stable/c/b282c43ed156ae15ea76748fc15cd5c39dc9ab72
- https://git.kernel.org/stable/c/ea080b21092590122c3f971cf588932cdbf47847
- https://git.kernel.org/stable/c/ed024d2f4c79c0eb2464df0fb640610ac301f9a0
- https://git.kernel.org/stable/c/edc678e5cd11730a2834b43071d8923f05bc334d
- https://git.kernel.org/stable/c/f9da5c1bbac5c8e33259fe00ed7347438fffa969