Linux Kernel AFS Maximum Cell Name Length Vulnerability

A vulnerability in the Linux kernel's AFS filesystem has been addressed, related to the maximum length of cell names. The AFS filesystem previously allowed cell names up to 256 bytes, but this created a conflict with procfs, which limits filenames to 255 bytes. When AFS attempted to create a directory under /proc/net/afs/ using a maximum-length cell name, it failed and generated a warning due to this filename length restriction. Additionally, DNS lookup length limitations effectively reduced the maximum cell name length to 253 bytes. The vulnerability has been fixed by reducing the maximum acceptable cell name length to 253 bytes, ensuring compatibility with both procfs and DNS requirements. The YFS VL record cell name maximum has also been adjusted to align with the protocol's 256-byte limit, disregarding any record that exceeds 253 bytes.

Impact

The vulnerability could lead to issues with cell name handling in the AFS filesystem, potentially causing directory creation failures in procfs due to filename length restrictions.