In the Linux kernel, the following vulnerability has been resolved:

ceph: fix a buffer leak in __ceph_setxattr()

The old_blob in __ceph_setxattr() can store
ci->i_xattrs.prealloc_blob value during the retry.
However, it is never called the ceph_buffer_put()
for the old_blob object. This patch fixes the issue of
the buffer leak.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 521e5aba857fd267624892c8dd6295f22ce0267e
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < d0cb994605c84a159c1d00d72cdc8583c321ef95
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < ecf94823c5c6a20790bb76ed2816822b0beb0c22
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 4bfdcefdaa6092a06cacd59389c7756b36e6de8c
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 7d3e8d2d648d5f0df29b4710246680f47695fe94
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 3fa13ceefbc5f36131110342743994cb3de80637
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < bc7abce4460e490dcb579eec770f175b150b685f
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 affected < 5d3cc36b4e77a27ce7b686b7c59c7072bcb3fa8e
0 affected < 5.10.258
0 affected < 5.15.209
0 affected < 6.1.175
0 affected < 6.6.141
0 affected < 6.12.91
0 affected < 6.18.33
0 affected < 7.0.10
Linux Linux affected
Version Status Constraints
5.10.258 unaffected ≤ 5.10.*
5.15.209 unaffected ≤ 5.15.*
6.1.175 unaffected ≤ 6.1.*
6.6.141 unaffected ≤ 6.6.*
6.12.91 unaffected ≤ 6.12.*
6.18.33 unaffected ≤ 6.18.*
7.0.10 unaffected ≤ 7.0.*
7.1 unaffected ≤ *

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

No data.

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/3fa13ceefbc5f36131110342743994cb3de80637 cve-icon
https://git.kernel.org/stable/c/4bfdcefdaa6092a06cacd59389c7756b36e6de8c cve-icon
https://git.kernel.org/stable/c/521e5aba857fd267624892c8dd6295f22ce0267e cve-icon
https://git.kernel.org/stable/c/5d3cc36b4e77a27ce7b686b7c59c7072bcb3fa8e cve-icon
https://git.kernel.org/stable/c/7d3e8d2d648d5f0df29b4710246680f47695fe94 cve-icon
https://git.kernel.org/stable/c/bc7abce4460e490dcb579eec770f175b150b685f cve-icon
https://git.kernel.org/stable/c/d0cb994605c84a159c1d00d72cdc8583c321ef95 cve-icon
https://git.kernel.org/stable/c/ecf94823c5c6a20790bb76ed2816822b0beb0c22 cve-icon
History

Wed, 24 Jun 2026 18:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in __ceph_setxattr() The old_blob in __ceph_setxattr() can store ci->i_xattrs.prealloc_blob value during the retry. However, it is never called the ceph_buffer_put() for the old_blob object. This patch fixes the issue of the buffer leak.
Title ceph: fix a buffer leak in __ceph_setxattr()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:28:42.688Z

Reserved: 2026-06-09T07:44:35.374Z

Link: CVE-2026-52962

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T18:30:06Z

Weaknesses