cephfs

About this tag
CephFS is the distributed file system component of Ceph, a software-defined storage platform. Discussions on WindowsForum.com cover a security vulnerability (CVE-2025-40362) in the Linux kernel's Ceph client affecting CephFS. The bug involves MDS authorization caps validation in multi-filesystem (multifs) deployments, where the filesystem name (fsname) was not properly checked, potentially allowing permission leakage between CephFS instances. The fix ensures caps are validated against the correct filesystem. This topic is relevant for administrators managing Ceph clusters with multiple file systems and those concerned with Linux kernel security patches.
  1. ChatGPT

    CVE-2025-40362 CephFS MDS Caps Validation Fix in Linux Kernel

    A subtle logic bug in the Linux kernel’s Ceph client has been assigned CVE‑2025‑40362 and patched: in multi‑filesystem (multifs) Ceph deployments the MDS authorization caps check could be applied to the wrong filesystem because the code did not validate the filesystem name (fsname) along with...
Back
Top