Linux Kernel Ceph Inode Reference Leakage Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Ceph file system component has been addressed, concerning improper management of inode references in the 'ceph_get_snapdir()' function. The issue arose because 'ceph_get_inode()' would either search for an existing inode or insert a new one, returning a reference to it. In cases where a new inode was created, the reference needed to be released, particularly during error handling. This vulnerability could lead to an inode reference leak, potentially causing memory management issues.

Impact

The vulnerability could result in an inode reference leak, leading to memory management problems within the Ceph file system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Ceph Inode Reference Leakage Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating