What is CVE-2026-52962?

CVE-2026-52962 is a unscored severity Linux kernel vulnerability. CVE-2026-52962 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-52962?

CVE-2026-52962 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-52962?

Yes, CVE-2026-52962 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others.

Is CVE-2026-52962 actively exploited?

CVE-2026-52962 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-52962

In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in __ceph_setxattr() The old_blob in __ceph_setxattr() can store ci->i_xattrs.prealloc_blob value during the retry. However, it is never called the ceph_buffer_put() for the old_blob object. This patch fixes the issue of the buffer leak.

Package Linux Kernel

Published 2026-06-24

Last modified 2026-06-24

Patch available

Yes

Affected versions

Fixed in 5.10.258, 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1 and their respective stable series.

Fixed in

✓ 5.10.258 5.10.x ✓ 5.15.209 5.15.x ✓ 6.1.175 6.1.x ✓ 6.6.141 6.6.x ✓ 6.12.91 6.12.x ✓ 6.18.33 6.18.x ✓ 7.0.10 7.0.x ✓ 7.1

References

8 total

Showing 5 of 8 references View all on NVD

Frequently asked questions

What is CVE-2026-52962?

CVE-2026-52962 is a unscored severity Linux kernel vulnerability . CVE-2026-52962 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2026-52962?

Yes — CVE-2026-52962 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others.
Is CVE-2026-52962 actively exploited?

No — CVE-2026-52962 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.