Zero Day MonitorZDM

← Back to list

7.1

CVE-2026-22984PATCHED

linux · linux_kernel

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a po

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idryomov: changelog ]

Affected Products

Vendor	Product	Versions
linux	linux_kernel	< 5.15.198, < 6.1.161, < 6.6.121, < 6.12.66, < 6.18.6

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
amazon	amazon linux	cert_advisory	90%
canonical	ubuntu linux	cert_advisory	90%
debian	debian linux	cert_advisory	90%
ibm	ibm qradar siem	cert_advisory	90%
open source	open source linux kernel	cert_advisory	90%

References

Related News (5 articles)

Tier B

CERT-FR21h ago

Multiples vulnérabilités dans le noyau Linux d'Ubuntu (10 avril 2026)

→ No new info (linked only)

Tier B

CERT-FR7d ago

Multiples vulnérabilités dans le noyau Linux d'Ubuntu (03 avril 2026)

→ No new info (linked only)

Tier B

BSI Advisories8d ago

[UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CERT-FR14d ago

Multiples vulnérabilités dans le noyau Linux de SUSE (27 mars 2026)

→ No new info (linked only)

Tier B

CERT-FR14d ago

Multiples vulnérabilités dans le noyau Linux d'Ubuntu (27 mars 2026)

→ No new info (linked only)

CVSS 3.17.1 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

5.15.1986.1.1616.6.1216.12.666.18.6

CWECWE-125

PublishedJan 23, 2026

Last enriched9d ago

Trending Score37

Source articles5

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-23406EXP

apparmor: fix side-effect bug in match_char() macro usage

HIGHCVE-2026-23400EXP

In the Linux kernel, the following vulnerability has been resolved: rust_binder: call set_notification_done() without proc lock Consider the following sequence of events on a death listener: 1. The

HIGHCVE-2026-31412EXP

usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks()

HIGHCVE-2026-23398EXP

In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmp_tag_validation() icmp_tag_validation() unconditionally dereferences the result of rcu_d

HIGHCVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (struct macvlan_source_entry)->vlan. Whenever macvlan

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Jan 23, 2026

Patch Available

Feb 26, 2026

Discovered by ZDM

Apr 1, 2026