Linux Kernel Vulnerability in Ceph Local Caching Feature
CVE-2025-38534

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 August 2025

What is CVE-2025-38534?

A vulnerability in the Linux kernel's netfs implementation affects the Ceph file system's local caching functionality. The issue arises during the copy-to-cache operation, where a newly initiated write request asynchronously attempts to notify the application upon completion. However, due to a misconfiguration where the NETFS_RREQ_OFFLOAD_COLLECTION flag is not set, the application is not in a waiting state to receive the notification. This results in the request hanging indefinitely. The fix involves setting the NETFS_RREQ_OFFLOAD_COLLECTION flag, allowing the notification to be queued properly, thereby preventing disruption in application operations.

Affected Version(s)

Linux e2d46f2ec332533816417b60933954173f602121 < 1ebe58cef84eab22b41b4d5e72c2051ebf00af50

Linux e2d46f2ec332533816417b60933954173f602121 < 4c238e30774e3022a505fa54311273add7570f13

Linux 6.14

References

https://git.kernel.org/stable/c/1ebe58cef84eab22b41b4d5e7...

https://git.kernel.org/stable/c/4c238e30774e3022a505fa543...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 16, 2025
Vulnerability Reserved
Apr 16, 2025