CVE-2026-22984
Awaiting Analysis
Awaiting Analysis - Queue
BaseFortify
Publication date: 2026-01-23
Last updated on: 2026-04-27
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
libceph: prevent potential out-of-bounds reads in handle_auth_done()
Perform an explicit bounds check on payload_len to avoid a possible
out-of-bounds access in the callout.
[ idryomov: changelog ]
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.11 (inc) to 5.15.198 (exc) |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | From 6.13 (inc) to 6.18.6 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.6.121 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.66 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.161 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's libceph component involves a potential out-of-bounds read in the handle_auth_done() function. It occurs because there was no explicit bounds check on the payload_len parameter, which could lead to accessing memory outside the intended buffer.
How can this vulnerability impact me? :
The vulnerability could lead to out-of-bounds memory reads, which might cause system instability, crashes, or potentially expose sensitive information from memory. This could be exploited to compromise system security or cause denial of service.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70