CVE-2024-53685
ceph: give up on paths longer than PATH_MAX
In the Linux kernel, the following vulnerability has been resolved:
ceph: give up on paths longer than PATH_MAX
If the full path to be built by ceph_mdsc_build_path() happens to be
longer than PATH_MAX, then this function will enter an endless (retry)
loop, effectively blocking the whole task. Most of the machine
becomes unusable, making this a very simple and effective DoS
vulnerability.
I cannot imagine why this retry was ever implemented, but it seems
rather useless and harmful to me. Let's remove it and fail with
ENAMETOOLONG instead.
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://git.kernel.org/stable/c/0f2b2d9e881c90402dbe28f9ba831775b7992e1fhttps://git.kernel.org/stable/c/550f7ca98ee028a606aa75705a7e77b1bd11720fhttps://git.kernel.org/stable/c/99a37ab76a315c8307eb5b0dc095d8ad9d8efeaahttps://git.kernel.org/stable/c/c47ed91156daf328601d02b58d52d9804da54108https://git.kernel.org/stable/c/d42ad3f161a5a487f81915c406f46943c7187a0ahttps://git.kernel.org/stable/c/e4b168c64da06954be5d520f6c16469b1cadc069https://lists.debian.org/debian-lts-announce/2025/03/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2025/03/msg00002.html