CVE-2024-53685
Published: Jan 11, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATH_MAX If the full path to be built by ceph_mdsc_build_path() happens to be longer than PATH_MAX, then this function will enter an endless (retry) loop, effectively blocking the whole task. Most of the machine becomes unusable, making this a very simple and effective DoS vulnerability. I cannot imagine why this retry was ever implemented, but it seems rather useless and harmful to me. Let's remove it and fail with ENAMETOOLONG instead.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 9030aaf9bf0a1eee47a154c316c789e959638b0f - < 0f2b2d9e881c90402dbe28f9ba831775b7992e1faffected 9030aaf9bf0a1eee47a154c316c789e959638b0f - < d42ad3f161a5a487f81915c406f46943c7187a0aaffected 9030aaf9bf0a1eee47a154c316c789e959638b0f - < e4b168c64da06954be5d520f6c16469b1cadc069affected 9030aaf9bf0a1eee47a154c316c789e959638b0f - < c47ed91156daf328601d02b58d52d9804da54108affected 9030aaf9bf0a1eee47a154c316c789e959638b0f - < 99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa+1 more versions |
Linux | Linux | affected 2.6.34unaffected 0 - < 2.6.34unaffected 5.10.234 - <= 5.10.*unaffected 5.15.177 - <= 5.15.*unaffected 6.1.125 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now