9.1
CVE-2026-43406
- EPSS 0.07%
- Veröffentlicht 08.05.2026 14:21:46
- Zuletzt bearbeitet 12.05.2026 14:10:27
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
libceph: prevent potential out-of-bounds reads in process_message_header()
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in process_message_header() If the message frame is (maliciously) corrupted in a way that the length of the control segment ends up being less than the size of the message header or a different frame is made to look like a message frame, out-of-bounds reads may ensue in process_message_header(). Perform an explicit bounds check before decoding the message header.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
cd1a677cad994021b19665ed476aea63f5d54f31
Version <
76ccf21a12c5f6d6790bc32c7da82446d877b2f4
Status
affected
Version
cd1a677cad994021b19665ed476aea63f5d54f31
Version <
75582aaa580c11aed4c7731cad6b068b700e7efb
Status
affected
Version
cd1a677cad994021b19665ed476aea63f5d54f31
Version <
50156622eb0888e62541d715a98584480a1bc7cb
Status
affected
Version
cd1a677cad994021b19665ed476aea63f5d54f31
Version <
dbd857a9e1e33ea71eaf3e211877027e533770d1
Status
affected
Version
cd1a677cad994021b19665ed476aea63f5d54f31
Version <
69fe5af33fa3806f398d21c081d73c66e5523bc2
Status
affected
Version
cd1a677cad994021b19665ed476aea63f5d54f31
Version <
035867ae6f18df0aeedb2a57a5b74091bd4e3fe8
Status
affected
Version
cd1a677cad994021b19665ed476aea63f5d54f31
Version <
69fb5d91bba44ecf7eb80530b85fa4fb028921d5
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.11
Status
affected
Version
0
Version <
5.11
Status
unaffected
Version <=
5.15.*
Version
5.15.203
Status
unaffected
Version <=
6.1.*
Version
6.1.167
Status
unaffected
Version <=
6.6.*
Version
6.6.130
Status
unaffected
Version <=
6.12.*
Version
6.12.78
Status
unaffected
Version <=
6.18.*
Version
6.18.19
Status
unaffected
Version <=
6.19.*
Version
6.19.9
Status
unaffected
Version <=
*
Version
7.0
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.218 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
|