CVE-2025-21737

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been identified in the Linux kernel, specifically in the ceph mds auth match() function. This leak can occur when accessing files on a CephFS filesystem subdirectory with an auth token using a path-scoped capability, potentially leading to a rapid system crash due to continuous memory growth. The issue was detected in production and triggered kernel OOM, causing the kernel to hard-lock. Technical details include the allocation of a temporary target path substring, which was not freed on every possible branch, resulting in the memory leak.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.