CVE-2026-43273

Severity: Medium · CVSS 3.1 base score 5.5 · EPSS 1.9%
Published May 6, 2026 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ceph: supply snapshot context in ceph_zero_partial_object()

The ceph_zero_partial_object function was missing proper snapshot context for its OSD write operations, which could lead to data inconsistencies in snapshots.

Reproducer:

    ../src/vstart.sh --new -x --localhost --bluestore
    ./bin/ceph auth caps client.fs_a mds 'allow rwps fsname=a' mon 'allow r fsname=a' osd 'allow rw tag cephfs data=a'
    mount -t ceph fs_a@.a=/ /mnt/mycephfs/ -o conf=./ceph.conf
    dd if=/dev/urandom of=/mnt/mycephfs/foo bs=64K count=1
    mkdir /mnt/mycephfs/.snap/snap1
    md5sum /mnt/mycephfs/.snap/snap1/foo
    fallocate -p -o 0 -l 4096 /mnt/mycephfs/foo
    echo 3 > /proc/sys/vm/drop_caches
    md5sum /mnt/mycephfs/.snap/snap1/foo # get different md5sum!!

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
1.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥3.12 – <5.10.252
linux   linux_kernel  *        ≥5.11 – <5.15.202
linux   linux_kernel  *        ≥5.16 – <6.1.165
linux   linux_kernel  *        ≥6.2 – <6.6.128
linux   linux_kernel  *        ≥6.7 – <6.12.75
linux   linux_kernel  *        ≥6.13 – <6.18.16
linux   linux_kernel  *        ≥6.19 – <6.19.6
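
A triage check against the ranges listed above, as an added example that is not part of the original advisory or of the kernel project: it reports whether an upstream kernel version falls inside an affected range. The function names are hypothetical, and the check assumes an upstream stable version number; a distribution kernel may carry the fix as a backport without changing that number.

```shell
#!/bin/sh
# Added example: ranges copied from the Affected Products table on this page.
# Each entry is "first_affected:first_fixed" (start inclusive, end exclusive).
AFFECTED_RANGES="3.12:5.10.252 5.11:5.15.202 5.16:6.1.165 6.2:6.6.128 6.7:6.12.75 6.13:6.18.16 6.19:6.19.6"

# ver_lt A B: succeed when version A is strictly lower than version B.
# Fields are compared numerically; a missing field counts as 0 (5.11 == 5.11.0).
ver_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# kernel_base VERSION: strip any suffix, e.g. "6.6.127-rc1" -> "6.6.127".
kernel_base() {
    printf '%s\n' "$1" | sed 's/^\([0-9][0-9.]*\).*/\1/'
}

# in_affected_range VERSION: succeed when VERSION is inside a listed range.
in_affected_range() {
    v=$(kernel_base "$1")
    for r in $AFFECTED_RANGES; do
        start=${r%%:*}
        end=${r##*:}
        if ! ver_lt "$v" "$start" && ver_lt "$v" "$end"; then
            return 0
        fi
    done
    return 1
}

# check_kernel VERSION: print a one-line verdict for VERSION.
check_kernel() {
    if in_affected_range "$1"; then
        echo "$1: inside an affected range for CVE-2026-43273"
    else
        echo "$1: outside the listed affected ranges"
    fi
}

# Default to the running kernel when no version is given.
check_kernel "${1:-$(uname -r)}"
```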

References 8

  • git.kernel.org https://git.kernel.org/stable/c/36673344b41c31fb502dd0d0113cec1aa96f581e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4097e70fc543cca72982854108a32f6ae924e727
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/531a76c5a2e44264cee8a70121e63eb28c1ba728
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5788b742007f53406049bef917833a71ddd43f60
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/69e59a87bab0ea31ab2a584fc65e12dafacf8953
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/757873abfc8ea38592582180aed0f57f0f0cb07a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9efa154609cdb658f51c7d76b30a09f7e6485250
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f16bd3fa74a2084ee7e16a8a2be7e7399b970907
    Patch

Remediation

  • The eight git.kernel.org stable patches listed under References.