CVE-2026-43273
Description
In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot context for its OSD write operations, which could lead to data inconsistencies in snapshots. Reproducer: ../src/vstart.sh --new -x --localhost --bluestore ./bin/ceph auth caps client.fs_a mds 'allow rwps fsname=a' mon 'allow r fsname=a' osd 'allow rw tag cephfs data=a' mount -t ceph fs_a@.a=/ /mnt/mycephfs/ -o conf=./ceph.conf dd if=/dev/urandom of=/mnt/mycephfs/foo bs=64K count=1 mkdir /mnt/mycephfs/.snap/snap1 md5sum /mnt/mycephfs/.snap/snap1/foo fallocate -p -o 0 -l 4096 /mnt/mycephfs/foo echo 3 > /proc/sys/vm/drop/caches md5sum /mnt/mycephfs/.snap/snap1/foo # get different md5sum!!
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
Linux kernel Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| โ | Affected | 5.10.252 |
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| โ | Affected | โ |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 6.12.85-1 |
| sid | Fixed | 6.19.6-1 |
| forky | Fixed | 6.19.6-1 |
| bullseye | Fixed | 5.10.257-1 |
| bookworm | Fixed | 6.1.170-1 |
References
- https://git.kernel.org/stable/c/36673344b41c31fb502dd0d0113cec1aa96f581e
- https://git.kernel.org/stable/c/4097e70fc543cca72982854108a32f6ae924e727
- https://git.kernel.org/stable/c/531a76c5a2e44264cee8a70121e63eb28c1ba728
- https://git.kernel.org/stable/c/5788b742007f53406049bef917833a71ddd43f60
- https://git.kernel.org/stable/c/69e59a87bab0ea31ab2a584fc65e12dafacf8953
- https://git.kernel.org/stable/c/757873abfc8ea38592582180aed0f57f0f0cb07a
- https://git.kernel.org/stable/c/9efa154609cdb658f51c7d76b30a09f7e6485250
- https://git.kernel.org/stable/c/f16bd3fa74a2084ee7e16a8a2be7e7399b970907
- https://www.suse.com/security/cve/CVE-2026-43273.html
- https://security-tracker.debian.org/tracker/CVE-2026-43273
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.