CVE-2025-52555

Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by chmod 777 a directory owned by root to gain access. The result of this is tha...

CVE-2025-22002 netfs: Call `invalidate_cache` only if implemented

In the Linux kernel, the following vulnerability has been resolved: netfs: Call invalidatecache only if implemented Many filesystems such as NFS and Ceph do not implement the invalidatecache method. On those filesystems, if writing to the cache NETFSWRITETOCACHE fails for some reason, the kernel...

CVE-2014-6417

net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service system crash or possibly have unspecified other impact via a long unencrypted auth ticket...