Improper Check or Handling of Exceptional Conditions in Linux kernel - CVE-2026-52954
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper handling of duplicate rbtree keys in decode_choose_args() when processing a crafted CEPH_MSG_OSD_MAP message containing duplicate choose_args_index values. A remote attacker can send a specially crafted message to cause a denial of service.
How to mitigate CVE-2026-52954
Sources
- https://git.kernel.org/stable/c/0a1265a9ab875f92b6a3ffb497404f46cf9d76a3
- https://git.kernel.org/stable/c/0b6a3bcb91bc5bfeda39f0df3b71bab62c13e9da
- https://git.kernel.org/stable/c/4d2b37abda9536808655830d683dc491d31741a8
- https://git.kernel.org/stable/c/534ebc08df97c47d4c7596f336fa31ecbf91519c
- https://git.kernel.org/stable/c/80c73bd1b2b04355d1d0c29be8ccbd25a380905d
- https://git.kernel.org/stable/c/c7bf7864e2924fa5508ac270b0e9364bc13d5a6c
- https://git.kernel.org/stable/c/d289478cfc0bcf81c7914200d6abdcb78bd04ded
- https://git.kernel.org/stable/c/f47430fc1f815e87406e2d3b4e476eff1bc7fd9b