Cephfs · Cephfs · CVE-2026-23189
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions 6.18-rc1 and later
**Description**
The CephFS kernel client contains a flaw in the `ceph mds auth match()` function where a NULL pointer dereference can occur if `fs name` is NULL. This issue arises during authorization checks within the CephFS client. The vulnerability is related to how the file system name is handled during the mounting process and authorization checks. The suggested resolution involves decoding `fs name` from the MDSMap and implementing strict authorization checks against it. The `-o mds namespace=foo` option should only be used for selecting the file system to mount and not for other purposes.
**Recommendations**
Update to a newer version of the Linux kernel that includes the fix for this vulnerability.