CVE-2026-22984

libceph: prevent potential out-of-bounds reads in handle_auth_done()

Published: 1/23/2026 Last updated: 2/9/2026 Reserved: 1/13/2026

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idryomov: changelog ]

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Opam packages affected (29)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes ortools_solvers orun rawlink rawlink-eio rawlink-lwt restricted shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (0)

No product listed.

References (12)

https://git.kernel.org/stable/c/194cfe2af4d2a1de599d39dad636b47c2f6c2c96
https://git.kernel.org/stable/c/79fe3511db416d2f2edcfd93569807cb02736e5e
https://git.kernel.org/stable/c/ef208ea331ef688729f64089b895ed1b49e842e3
https://git.kernel.org/stable/c/2802ef3380fa8c4a08cda51ec1f085b1a712e9e2
https://git.kernel.org/stable/c/2d653bb63d598ae4b096dd678744bdcc34ee89e8
https://git.kernel.org/stable/c/818156caffbf55cb4d368f9c3cac64e458fb49c9
https://git.kernel.org/stable/c/194cfe2af4d2a1de599d39dad636b47c2f6c2c96
https://git.kernel.org/stable/c/79fe3511db416d2f2edcfd93569807cb02736e5e
https://git.kernel.org/stable/c/ef208ea331ef688729f64089b895ed1b49e842e3
https://git.kernel.org/stable/c/2802ef3380fa8c4a08cda51ec1f085b1a712e9e2
https://git.kernel.org/stable/c/2d653bb63d598ae4b096dd678744bdcc34ee89e8
https://git.kernel.org/stable/c/818156caffbf55cb4d368f9c3cac64e458fb49c9