CVE-2026-43304

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in libceph where the system fails to properly verify the length of key material during decoding. Specifically, the process auth done() function does not ensure that the key material fits within a fixed-size buffer or possesses a reasonable length. This is addressed by implementing and enforcing CEPH MAX KEY LEN to replace an insufficient check that only identified keys with no material.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.