Bug 2467723 (CVE-2026-41648) - CVE-2026-41648 incus: Incus: Denial of Service via crafted image or backup tarball
Keywords:
Status: NEW
Alias: CVE-2026-41648
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2477850 2477851
Blocks:
Reported: 2026-05-07 14:01 UTC by OSIDB Bzimport
Modified: 2026-05-15 12:54 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-05-07 14:01:26 UTC
Incus is a system container and virtual machine manager. Prior to version 7.0.0, user-provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This made it easy for an authenticated user to provide a crafted image or backup tarball that, when parsed by Incus, would lead to a very large YAML document being loaded into memory, potentially causing the entire server to run out of memory. This issue has been patched in version 7.0.0.
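
The kind of size restriction the description says was missing, as an added Go example (not Incus's code and not its actual patch): a tar entry is rejected on its declared size and read through a hard cap before any YAML parser sees it. The `metadata.yaml` entry name, the 1 MiB `maxYAMLSize` cap and the helper names are assumptions for illustration.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
)

// maxYAMLSize is an assumed cap for this example, not a value taken from Incus.
const maxYAMLSize = 1 << 20 // 1 MiB
var errTooLarge = errors.New("YAML entry exceeds size limit")

// readBoundedEntry returns the tar entry called name, never buffering more than limit bytes.
func readBoundedEntry(r io.Reader, name string, limit int64) ([]byte, error) {
	tr := tar.NewReader(r)
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return nil, fmt.Errorf("%s: not found in archive", name)
		}
		if err != nil {
			return nil, err
		}
		if hdr.Name != name {
			continue
		}
		if hdr.Size > limit { // reject on the declared size, before reading
			return nil, errTooLarge
		}
		return io.ReadAll(io.LimitReader(tr, limit)) // hard cap on bytes buffered
	}
}

// buildTar creates a constructed single-file archive used as sample input.
func buildTar(name string, body []byte) *bytes.Buffer {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	tw.WriteHeader(&tar.Header{Name: name, Mode: 0o600, Size: int64(len(body))})
	tw.Write(body)
	tw.Close()
	return &buf
}

func main() {
	_, err := readBoundedEntry(buildTar("metadata.yaml", make([]byte, maxYAMLSize+1)), "metadata.yaml", maxYAMLSize)
	fmt.Println(err)
}
```

The returned bytes are what would then be handed to the YAML decoder; the cap bounds the size of the document the parser is given.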
