DEBIAN-CVE-2024-53685

DEBIAN-CVE-2024-53685 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved:

ceph: give up on paths longer than PATH_MAX

If the full path to be built by ceph_mdsc_build_path() happens to be longer than PATH_MAX, then this function will enter an endless (retry) loop, effectively blocking the whole task. Most of the machine becomes unusable, making this a very simple and effective DoS vulnerability.

I cannot imagine why this retry was ever implemented, but it seems rather useless and harmful to me. Let's remove it and fail with ENAMETOOLONG instead.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor      Product     Versions
Debian:12   linux       6.1.99-1, 6.1.99-1, 0
Debian:11   linux       5.10.149-1, 5.10.209-1, 5.10.209-2
Debian:13   linux       0, 0
Debian:11   linux-6.1   *, 0, 6.1.106-3~deb11u1
Debian:14   linux       0, 0

Timeline

  • Jan 11, 2025 CVE Published
  • Apr 28, 2026 CVE Updated