PT-2025-2979 · Linux+6 · Linux Kernel+6

Dario Weißer · Published 2024-12-16 · Updated 2026-01-23 · CVE-2024-53685

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.74

Description

The issue is a denial-of-service (DoS) vulnerability in the Linux kernel. When the ceph_mdsc_build_path() function attempts to build a path longer than PATH_MAX, it enters an endless loop, blocking the task and making most of the machine unusable. The DoS is considered simple and effective. The retry mechanism in this function seems unnecessary and harmful. To address this, the function now fails with ENAMETOOLONG instead of retrying.

Recommendations

For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider disabling the ceph_mdsc_build_path() function until a patch is available. Restrict access to paths that could potentially exceed PATH_MAX to minimize the risk of exploitation. Avoid using paths longer than PATH_MAX in the affected ceph_mdsc_build_path() function until the issue is resolved.

Exploit · Fix · DoS · Resource Exhaustion · Infinite Loop

Weakness Enumeration

Related Identifiers

BDU:2025-12026
CVE-2024-53685
DLA-4075-1
DLA-4076-1
DSA-5860-1
MGASA-2025-0030
MGASA-2025-0032
OESA-2026-1228
OESA-2026-1229
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7407-1
USN-7421-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1

Affected Products

Astra Linux
Debian
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu