logo_clicknbuy.png

CVE-2025-38534 – Ceph Linux Kernel NETFS Request Offload Collection Vulnerability

The following table lists the changes that have been made to the
CVE-2025-38534 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Aug. 16, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved:

    netfs: Fix copy-to-cache so that it performs collection with ceph+fscache

    The netfs copy-to-cache that is used by Ceph with local caching sets up a
    new request to write data just read to the cache. The request is started
    and then left to look after itself whilst the app continues. The request
    gets notified by the backing fs upon completion of the async DIO write, but
    then tries to wake up the app because NETFS_RREQ_OFFLOAD_COLLECTION isn’t
    set – but the app isn’t waiting there, and so the request just hangs.

    Fix this by setting NETFS_RREQ_OFFLOAD_COLLECTION which causes the
    notification from the backing filesystem to put the collection onto a work
    queue instead.
    Added Reference https://git.kernel.org/stable/c/1ebe58cef84eab22b41b4d5e72c2051ebf00af50
    Added Reference https://git.kernel.org/stable/c/4c238e30774e3022a505fa54311273add7570f13
Share the Post:

Related Posts