libceph: define and enforce CEPH_MAX_KEY_LEN
When decoding the key, verify that the key material would fit into
a fixed-size buffer in process_auth_done() and generally has a sane
length.
The new CEPH_MAX_KEY_LEN check replaces the existing check for a key
with no key material which is a) not universal since CEPH_CRYPTO_NONE
has to be excluded and b) doesn't provide much value since a smaller
than needed key is just as invalid as no key -- this has to be handled
elsewhere anyway.
| Source | ID | Title |
|---|---|---|
Ubuntu USN |
USN-8490-1 | Linux kernel vulnerabilities |
Ubuntu USN |
USN-8491-1 | Linux kernel (OEM) vulnerabilities |
Ubuntu USN |
USN-8492-1 | Linux kernel vulnerabilities |
Ubuntu USN |
USN-8493-1 | Linux kernel vulnerabilities |
Ubuntu USN |
USN-8492-2 | Linux kernel vulnerabilities |
Ubuntu USN |
USN-8493-2 | Linux kernel (Oracle) vulnerabilities |
Ubuntu USN |
USN-8497-1 | Linux kernel (Low Latency) vulnerabilities |
Ubuntu USN |
USN-8498-1 | Linux kernel (NVIDIA Tegra) vulnerabilities |
Ubuntu USN |
USN-8499-1 | Linux kernel (Xilinx) vulnerabilities |
Ubuntu USN |
USN-8508-1 | Linux kernel (NVIDIA) vulnerabilities |
Ubuntu USN |
USN-8492-3 | Linux kernel (Raspberry Pi Real-time) vulnerabilities |
Ubuntu USN |
USN-8490-2 | Linux kernel (Real-time) vulnerabilities |
Ubuntu USN |
USN-8492-4 | Linux kernel (Raspberry Pi) vulnerabilities |
Ubuntu USN |
USN-8492-5 | Linux kernel (FIPS) vulnerabilities |
Ubuntu USN |
USN-8527-1 | Linux kernel (Raspberry Pi) vulnerabilities |
Ubuntu USN |
USN-8528-1 | Linux kernel (Xilinx ZynqMP) vulnerabilities |
Ubuntu USN |
USN-8545-1 | Linux kernel (HWE) vulnerabilities |
Ubuntu USN |
USN-8546-1 | Linux kernel (Raspberry Pi) vulnerabilities |
Ubuntu USN |
USN-8547-1 | Linux kernel vulnerabilities |
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Fri, 15 May 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | NVD-CWE-noinfo |
Mon, 11 May 2026 07:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
cvssV3_1
|
Sat, 09 May 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-120 CWE-20 |
Sat, 09 May 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-1284 | |
| References |
| |
| Metrics |
threat_severity
|
cvssV3_1
|
Fri, 08 May 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-120 CWE-20 |
Fri, 08 May 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_LEN When decoding the key, verify that the key material would fit into a fixed-size buffer in process_auth_done() and generally has a sane length. The new CEPH_MAX_KEY_LEN check replaces the existing check for a key with no key material which is a) not universal since CEPH_CRYPTO_NONE has to be excluded and b) doesn't provide much value since a smaller than needed key is just as invalid as no key -- this has to be handled elsewhere anyway. | |
| Title | libceph: define and enforce CEPH_MAX_KEY_LEN | |
| First Time appeared |
Linux
Linux linux Kernel |
|
| CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Linux
Linux linux Kernel |
|
| References |
|
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2026-05-11T22:21:58.030Z
Reserved: 2026-05-01T14:12:56.000Z
Link: CVE-2026-43304
No data.
Status : Analyzed
Published: 2026-05-08T14:16:37.693
Modified: 2026-06-17T10:49:20.820
Link: CVE-2026-43304
OpenCVE Enrichment
Updated: 2026-05-15T15:00:14Z
Ubuntu USN