Skip to content
CVSS 9.8 · CRITICAL

CVE-2026-43304

In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_LEN When decoding the key, verify that the key material would fit into a fixed-size buffer in process_auth_done() and generally has a sane length. The new CEPH_MAX_KEY_LEN check replaces the existing check for a key with no key material which is a) not universal since CEPH_CRYPTO_NONE has to be excluded and b) doesn't provide much value since a smaller than needed key is just as invalid as no key -- this has to be handled elsewhere anyway.

Ver en NVD

Análisis

A critical vulnerability has been identified in the Linux kernel libceph module. It involves a lack of length validation when decoding authentication keys, which could lead to memory corruption. Systems acting as Ceph clients should be patched to prevent potential kernel compromise when connecting to malicious or compromised storage clusters.

Severidad

Puntaje: 9.8(CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH

EPSS

Probabilidad de explotación (próx. 30 días): 0.0002 (0.0%)
Percentil: 7.0%
EPSS: 2026-05-10

Descripción técnica

In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_LEN When decoding the key, verify that the key material would fit into a fixed-size buffer in process_auth_done() and generally has a sane length. The new CEPH_MAX_KEY_LEN check replaces the existing check for a key with no key material which is a) not universal since CEPH_CRYPTO_NONE has to be excluded and b) doesn't provide much value since a smaller than needed key is just as invalid as no key -- this has to be handled elsewhere anyway.

Publicada: 8/5/2026, 14:16:37
Última modificación: 11/5/2026, 8:16:08

Referencias

InicioEventosBlogRecursosEquipo