DoS Vulnerability in Linux Kernel Affecting Ceph
CVE-2024-53685
Summary
In the Linux kernel, a vulnerability in the Ceph file system allows for a denial of service scenario when the function ceph_mdsc_build_path() attempts to construct a path exceeding the system's PATH_MAX limit. This oversight results in an infinite retry loop, rendering the system largely unusable as tasks are blocked indefinitely. As a mitigation, it is proposed to remove the retry mechanism and return an ENAMETOOLONG error instead, effectively preventing the system from becoming unresponsive under such conditions.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 550f7ca98ee028a606aa75705a7e77b1bd11720f
References
Timeline
Vulnerability published
Vulnerability Reserved