Race Condition Vulnerability in Linux Kernel's Ceph File System
CVE-2025-39927
What is CVE-2025-39927?
A race condition has been identified in the Linux kernel's Ceph file system that can lead to improper state changes during concurrent operations. Specifically, it involves the validation of 'r_parent' directory inodes before applying state changes. If the cached 'r_parent' does not match the directory info in MDS replies, concurrent actions such as renaming files may result in outdated or stale references. This can cause state changes to be misapplied to incorrect directory inodes. The issue presents a significant risk of reference leaks and underflows, as the necessary adjustments to the CEPH_CAP_PIN references were not made when 'r_parent' was switched. The recent patches address this flaw by ensuring reference accounting remains balanced, thus enhancing the stability and reliability of the Ceph file system.
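The accounting failure described above, reduced to a user-space C model. This is an added example, not kernel code or the actual patch: every struct and function name is hypothetical, `pin_refs` stands in for CEPH_CAP_PIN references, and the inode numbers are constructed.

```c
/* Toy user-space model of the accounting problem. All names are
 * hypothetical; pin_refs stands in for CEPH_CAP_PIN references. */
#include <stdio.h>

struct dir_inode { unsigned long ino; int pin_refs; };
struct request   { struct dir_inode *r_parent; };

static void pin_get(struct dir_inode *d) { d->pin_refs++; }
static void pin_put(struct dir_inode *d) { d->pin_refs--; }

/* Unbalanced: the pointer moves but the pin stays on the old directory. */
static void switch_parent_unbalanced(struct request *r, struct dir_inode *d)
{
    r->r_parent = d;
}

/* Balanced: take the new pin first, then drop the old one. */
static void switch_parent_balanced(struct request *r, struct dir_inode *d)
{
    pin_get(d);
    pin_put(r->r_parent);
    r->r_parent = d;
}

/* One request: issued against cached dir A, a concurrent rename moves the
 * entry, and the reply names dir B. Reports both pin counts after release. */
static void run_scenario(int balanced, int *stale_refs, int *actual_refs)
{
    struct dir_inode a = { 0x100, 0 }, b = { 0x200, 0 }; /* constructed inodes */
    struct request req = { &a };
    unsigned long reply_dir_ino = b.ino;      /* directory named in the reply */
    pin_get(req.r_parent);                    /* request pins its parent */
    if (req.r_parent->ino != reply_dir_ino) { /* validate before applying state */
        if (balanced) switch_parent_balanced(&req, &b);
        else          switch_parent_unbalanced(&req, &b);
    }
    pin_put(req.r_parent);                    /* release drops the pin on r_parent */
    *stale_refs = a.pin_refs;
    *actual_refs = b.pin_refs;
}

int main(void)
{
    int a, b;
    run_scenario(0, &a, &b);
    printf("unbalanced: old dir refs=%d (leak), new dir refs=%d (underflow)\n", a, b);
    run_scenario(1, &a, &b);
    printf("balanced:   old dir refs=%d, new dir refs=%d\n", a, b);
    return 0;
}
```

In the unbalanced run the old directory keeps a pin that is never dropped and the new directory is released without ever having been pinned, which is the leak and underflow pair the description refers to.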
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2bfe45987eb346e299d9f763f9cd05f77011519f
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 15f519e9f883b316d86e2bb6b767a023aafd9d83