VYPR
Critical severity9.1NVD Advisory· Published May 8, 2026· Updated May 21, 2026

CVE-2026-43406

CVE-2026-43406

Description

In the Linux kernel, the following vulnerability has been resolved:

libceph: prevent potential out-of-bounds reads in process_message_header()

If the message frame is (maliciously) corrupted in a way that the length of the control segment ends up being less than the size of the message header or a different frame is made to look like a message frame, out-of-bounds reads may ensue in process_message_header().

Perform an explicit bounds check before decoding the message header.

Affected products

33

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.