CVE-2026-43304 PUBLISHED

libceph: define and enforce CEPH_MAX_KEY_LEN

Assigner: Linux
Reserved: 01.05.2026 Published: 08.05.2026 Updated: 09.05.2026

In the Linux kernel, the following vulnerability has been resolved:

libceph: define and enforce CEPH_MAX_KEY_LEN

When decoding the key, verify that the key material would fit into a fixed-size buffer in process_auth_done() and generally has a sane length.

The new CEPH_MAX_KEY_LEN check replaces the existing check for a key with no key material which is a) not universal since CEPH_CRYPTO_NONE has to be excluded and b) doesn't provide much value since a smaller than needed key is just as invalid as no key -- this has to be handled elsewhere anyway.
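The bounds check described above, as an added user-space sketch that is not the kernel's code or part of this record: the `ex_` names, the `[type][len][bytes]` layout and the value of `EX_MAX_KEY_LEN` are assumptions made for illustration. A zero-length key passes this decoder, in line with the note that too-short keys are handled elsewhere.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EX_MAX_KEY_LEN 32   /* assumed bound for this sketch, not the kernel's value */

struct ex_key {
    uint16_t type;
    uint16_t len;
    uint8_t  material[EX_MAX_KEY_LEN];   /* fixed-size destination buffer */
};

/* Read a little-endian u16 and advance *p; -1 if fewer than 2 bytes remain. */
static int ex_get_le16(const uint8_t **p, const uint8_t *end, uint16_t *out)
{
    if (end - *p < 2)
        return -1;
    *out = (uint16_t)((*p)[0] | ((*p)[1] << 8));
    *p += 2;
    return 0;
}

/* Decode [type:le16][len:le16][len bytes], a constructed layout.
 * Returns 0 on success, -1 on truncated input, -2 on an over-long key. */
int ex_key_decode(struct ex_key *key, const uint8_t *buf, size_t buflen)
{
    const uint8_t *p = buf, *end = buf + buflen;
    uint16_t type, len;

    if (ex_get_le16(&p, end, &type) || ex_get_le16(&p, end, &len))
        return -1;
    if (len > EX_MAX_KEY_LEN)      /* bound the peer-supplied length first */
        return -2;
    if ((size_t)(end - p) < len)   /* then confirm the input really holds len bytes */
        return -1;
    memset(key, 0, sizeof(*key));
    key->type = type;
    key->len = len;
    if (len)
        memcpy(key->material, p, len);
    return 0;
}

int main(void)
{
    struct ex_key k;
    const uint8_t overlong[4] = { 1, 0, 0xff, 0xff };  /* constructed: len = 65535 */
    printf("over-long key -> %d\n", ex_key_decode(&k, overlong, sizeof(overlong)));
    return 0;
}
```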

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from cd1a677cad994021b19665ed476aea63f5d54f31 to 6405e8c680974bb74e2c98d5249fb52c7b12a6c6 (excl.)
  • affected from cd1a677cad994021b19665ed476aea63f5d54f31 to 8d745d38c88ecbed95f6b2b39857bf89f35a3244 (excl.)
  • affected from cd1a677cad994021b19665ed476aea63f5d54f31 to e1dc45d97975f9db65694d234fbddf1915176e16 (excl.)
  • affected from cd1a677cad994021b19665ed476aea63f5d54f31 to 1b275bd49e58752efb83767a5d1aed41356c5e64 (excl.)
  • affected from cd1a677cad994021b19665ed476aea63f5d54f31 to c1a0f5f1e5e7e98c36a362ec3d1fcfd9932931ed (excl.)
  • affected from cd1a677cad994021b19665ed476aea63f5d54f31 to d82467c07b03a27c3c5469b62bb3b726305a80bb (excl.)
  • affected from cd1a677cad994021b19665ed476aea63f5d54f31 to ac431d597a9bdfc2ba6b314813f29a6ef2b4a3bf (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 5.11 is affected
  • unaffected from 0 to 5.11 (excl.)
  • unaffected from 5.15.202 to 5.15.* (incl.)
  • unaffected from 6.1.165 to 6.1.* (incl.)
  • unaffected from 6.6.128 to 6.6.* (incl.)
  • unaffected from 6.12.75 to 6.12.* (incl.)
  • unaffected from 6.18.16 to 6.18.* (incl.)
  • unaffected from 6.19.6 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References