Race Condition Vulnerability in Linux Kernel's Ceph File System

CVE-2025-39927

What is CVE-2025-39927?

A race condition has been identified in the Linux kernel's Ceph file system that can lead to improper state changes during concurrent operations. Specifically, it involves the validation of 'r_parent' directory inodes before applying state changes. If the cached 'r_parent' does not match the directory info in MDS replies, concurrent actions such as renaming files may result in outdated or stale references. This can cause state changes to be misapplied to incorrect directory inodes. The issue presents a significant risk of reference leaks and underflows, as the necessary adjustments to the CEPH_CAP_PIN references were not made when 'r_parent' was switched. The recent patches address this flaw by ensuring reference accounting remains balanced, thus enhancing the stability and reliability of the Ceph file system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References