CVE-2025-40362 ceph: fix multifs mds auth caps issue

🗓️ 16 Dec 2025 13:40:02Reported by LinuxType

Ceph fixes multifs mds caps by validating the file system name to prevent cross-fs privileges.

Reporter	Title	Published	Views	Family All 147
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1495)	30 Mar 202600:00	–	nessus
Tenable Nessus	openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20145-1)	4 Feb 202600:00	–	nessus
Tenable Nessus	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50006)	14 Jan 202600:00	–	nessus
Tenable Nessus	Photon OS 5.0: Linux PHSA-2025-5.0-0719	25 Dec 202500:00	–	nessus
Tenable Nessus	Photon OS 4.0: Linux PHSA-2026-4.0-0980	19 Mar 202600:00	–	nessus
Tenable Nessus	SUSE SLES16 Security Update : kernel (SUSE-SU-2026:20220-1)	6 Feb 202600:00	–	nessus
Tenable Nessus	SUSE SLES16 Security Update : kernel (SUSE-SU-2026:20228-1)	6 Feb 202600:00	–	nessus
Tenable Nessus	Ubuntu 25.10 : Linux kernel vulnerabilities (USN-8029-1)	13 Feb 202600:00	–	nessus
Tenable Nessus	Ubuntu 25.10 : Linux kernel (GCP) vulnerabilities (USN-8030-1)	13 Feb 202600:00	–	nessus
Tenable Nessus	Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-8048-1)	19 Feb 202600:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/ceph/mds_client.c",
      "fs/ceph/mdsmap.c",
      "fs/ceph/super.c",
      "fs/ceph/super.h"
    ],
    "versions": [
      {
        "version": "596afb0b8933ba6ed7227adcc538db26feb25c74",
        "lessThan": "07640d34a781bb2e39020a39137073c03c4aa932",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "596afb0b8933ba6ed7227adcc538db26feb25c74",
        "lessThan": "ca3da8b27ab9a0923ad477447cfb8fc7f4b4c523",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "596afb0b8933ba6ed7227adcc538db26feb25c74",
        "lessThan": "22c73d52a6d05c5a2053385c0d6cd9984732799d",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/ceph/mds_client.c",
      "fs/ceph/mdsmap.c",
      "fs/ceph/super.c",
      "fs/ceph/super.h"
    ],
    "versions": [
      {
        "version": "6.10",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.10",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.58",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.17.8",
        "lessThanOrEqual": "6.17.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/ca3da8b27ab9a0923ad477447cfb8fc7f4b4c523
git	www.git.kernel.org/stable/c/07640d34a781bb2e39020a39137073c03c4aa932
git	www.git.kernel.org/stable/c/22c73d52a6d05c5a2053385c0d6cd9984732799d

11 May 2026 21:47Current

EPSS0.0009