CVE-2026-23189

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.18-rc1 and later

Description The CephFS kernel client contains a flaw in the ceph mds auth match() function where a NULL pointer dereference can occur if fs name is NULL. This issue arises during authorization checks within the CephFS client. The vulnerability is related to how the file system name is handled during the mounting process and authorization checks. The suggested resolution involves decoding fs name from the MDSMap and implementing strict authorization checks against it. The -o mds namespace=foo option should only be used for selecting the file system to mount and not for other purposes.

Recommendations Update to a newer version of the Linux kernel that includes the fix for this vulnerability.