CVE-2026-43419

Summary

In the Linux kernel, the following vulnerability has been resolved:

ceph: fix memory leaks in ceph_mdsc_build_path()

Add __putname() calls to error code paths that did not free the "path" pointer obtained by __getname(). If ownership of this pointer is not passed to the caller via path_info.path, the function must free it before returning.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3fd945a79e147ee10f84213976889b29049c3519 < 657dc653b06a3cc0282aea447a3f137fa94066a4affected
LinuxLinux3fd945a79e147ee10f84213976889b29049c3519 < 5895d0164c84d7fec6abc198920c257f55c51899affected
LinuxLinux3fd945a79e147ee10f84213976889b29049c3519 < 097cd68f46686391a98f2618188f0cb7b7570de2affected
LinuxLinux3fd945a79e147ee10f84213976889b29049c3519 < 13b8b9d6f59ef17fb96c298c3a0d62a8306950ccaffected
LinuxLinux3fd945a79e147ee10f84213976889b29049c3519 < 040d159a45ded7f33201421a81df0aa2a86e5a0baffected
LinuxLinux0f2b2d9e881c90402dbe28f9ba831775b7992e1faffected
LinuxLinuxd42ad3f161a5a487f81915c406f46943c7187a0aaffected
LinuxLinuxe4b168c64da06954be5d520f6c16469b1cadc069affected
LinuxLinux5.10.234 < 5.11affected
LinuxLinux5.15.177 < 5.16affected
LinuxLinux6.1.125 < 6.2affected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.130 <= 6.6.*unaffected
LinuxLinux6.12.78 <= 6.12.*unaffected
LinuxLinux6.18.19 <= 6.18.*unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References