Linux Kernel Ceph Component Unaligned File Size Vulnerability Leading to Kernel Panic

A vulnerability in the Linux kernel's Ceph component can cause a kernel panic when an encrypted inode has an unaligned file size, such as 33K or 1K. This issue was observed during the generic/397 test, where the kernel encountered a BUG_ON condition. The problem arises in the Ceph messenger when handling data from an encrypted inode with a file size that is not properly aligned, leading to a kernel BUG and a crash.

Impact

Exploitation of this vulnerability causes a kernel panic, disrupting system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by creating an encrypted inode with an unaligned file size, such as 33K or 1K. This can be done using the XFS file system by setting a deprecated v1 encryption policy, which is not recommended. Once the unaligned file size is established, running the generic/397 test will trigger the vulnerability, causing a kernel BUG and a crash.