CVE-2026-43406
Out-of-Bounds Read in Linux Kernel Ceph Library
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's libceph component, specifically in the process_message_header() function.
If a message frame is maliciously corrupted so that the length of the control segment is less than the size of the message header, or if a different frame is made to appear like a message frame, it can cause out-of-bounds reads.
The vulnerability arises because process_message_header() does not perform an explicit bounds check before decoding the message header, which can lead to reading memory outside the intended bounds.
How can this vulnerability impact me? :
This vulnerability can lead to out-of-bounds reads in the Linux kernel, which may cause information disclosure or system instability.
An attacker could exploit this by sending a specially crafted message frame that triggers the out-of-bounds read, potentially exposing sensitive kernel memory or causing a crash.