DevSecOps Toolkit
Login

CVE record

CVE-2026-43405

HIGHCVSS 7.5

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in ceph_monmap_decode() This patch fixes unnecessary implicit conversions that change signedness of blob_len and num_mon in ceph_monmap_decode(). Currently blob_len and num_mon are (signed) int variables. They are used to hold values that are always non-negative and get assigned in ceph_decode_32_safe(), which is meant to assign u32 values. Both variables are subsequently used as unsigned values, and the value of num_mon is further assigned to monmap->num_mon, which is of type u32. Therefore, both variables should be of type u32. This is especially relevant for num_mon. If the value read from the incoming message is very large, it is interpreted as a negative value, and the check for num_mon > CEPH_MAX_MON does not catch it. This leads to the attempt to allocate a very large chunk of memory for monmap, which will most likely fail. In this case, an unnecessary attempt to allocate memory is performed, and -ENOMEM is returned instead of -EINVAL.

Sponsored

Amazon picks for vulnerability response

Product discovery links are localized to Amazon US when country data is available.

This page may contain affiliate links. We may earn a commission at no extra cost to you. As an Amazon Associate I earn from qualifying purchases.

Identity security

Hardware security keys

Physical MFA keys for admin accounts, cloud consoles, password managers, and incident response workflows.

View on Amazon US
Sponsored Amazon link
Books

Security engineering books

Books on secure design, incident response, threat modeling, cloud security, and practical defense.

View on Amazon US
Sponsored Amazon link
Network lab

Ethernet cable testers

Portable testers for validating office, rack, home lab, and troubleshooting cable runs.

View on Amazon US
Sponsored Amazon link

Vulnerability metadata

Published
2026-05-08T09:46:52.013Z
Modified
2026-05-21T13:46:09.970Z
EPSS
Not available
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Recommended platforms

Affiliate-supported recommendations for CVE-2026-43405 vulnerability response.

This page may contain affiliate links. We may earn a commission at no extra cost to you. As an Amazon Associate I earn from qualifying purchases.

marketplace

Security engineering books

Browse practical security, incident response, cloud security, and secure coding books for team learning.

Browse on Amazon
Amazon US
security

Cloud security platform

Continuously review cloud posture, exposed services, identity risks, and misconfigurations.

Explore security tools
monitoring

Monitoring and incident response

Track uptime, logs, traces, TLS expiry, API latency, and production security signals.

Compare monitoring

References

https://git.kernel.org/stable/c/08bc6173fd611ad5a40f472bf5f15b92aea0fe40https://git.kernel.org/stable/c/5f2806684b05bd24d05c091083b8e2517ba8ffachttps://git.kernel.org/stable/c/770444611f047dbfd4517ec0bc1b179d40c2f346https://git.kernel.org/stable/c/86f7060cd638d6eb042e8ed780fb83a59ca0dcb3https://git.kernel.org/stable/c/b268984ae88cb0dcd7a8e8263962c748448e26e8https://git.kernel.org/stable/c/ba0a4df8c563536857dcbf7b4dbd0f2a15f57acehttps://git.kernel.org/stable/c/ee5588e2bc41acb73f6676c0520420c107cd0140
Open this CVE in the lookup tool