{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-53685","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-01-11T12:34:02.558Z","datePublished":"2025-01-11T12:35:40.252Z","dateUpdated":"2025-11-03T20:48:20.745Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:56:54.870Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nceph: give up on paths longer than PATH_MAX\n\nIf the full path to be built by ceph_mdsc_build_path() happens to be\nlonger than PATH_MAX, then this function will enter an endless (retry)\nloop, effectively blocking the whole task.  Most of the machine\nbecomes unusable, making this a very simple and effective DoS\nvulnerability.\n\nI cannot imagine why this retry was ever implemented, but it seems\nrather useless and harmful to me.  Let's remove it and fail with\nENAMETOOLONG instead."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ceph/mds_client.c"],"versions":[{"version":"9030aaf9bf0a1eee47a154c316c789e959638b0f","lessThan":"0f2b2d9e881c90402dbe28f9ba831775b7992e1f","status":"affected","versionType":"git"},{"version":"9030aaf9bf0a1eee47a154c316c789e959638b0f","lessThan":"d42ad3f161a5a487f81915c406f46943c7187a0a","status":"affected","versionType":"git"},{"version":"9030aaf9bf0a1eee47a154c316c789e959638b0f","lessThan":"e4b168c64da06954be5d520f6c16469b1cadc069","status":"affected","versionType":"git"},{"version":"9030aaf9bf0a1eee47a154c316c789e959638b0f","lessThan":"c47ed91156daf328601d02b58d52d9804da54108","status":"affected","versionType":"git"},{"version":"9030aaf9bf0a1eee47a154c316c789e959638b0f","lessThan":"99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa","status":"affected","versionType":"git"},{"version":"9030aaf9bf0a1eee47a154c316c789e959638b0f","lessThan":"550f7ca98ee028a606aa75705a7e77b1bd11720f","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ceph/mds_client.c"],"versions":[{"version":"2.6.34","status":"affected"},{"version":"0","lessThan":"2.6.34","status":"unaffected","versionType":"semver"},{"version":"5.10.234","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.177","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.125","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.70","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.7","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.34","versionEndExcluding":"5.10.234"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.34","versionEndExcluding":"5.15.177"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.34","versionEndExcluding":"6.1.125"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.34","versionEndExcluding":"6.6.70"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.34","versionEndExcluding":"6.12.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.34","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0f2b2d9e881c90402dbe28f9ba831775b7992e1f"},{"url":"https://git.kernel.org/stable/c/d42ad3f161a5a487f81915c406f46943c7187a0a"},{"url":"https://git.kernel.org/stable/c/e4b168c64da06954be5d520f6c16469b1cadc069"},{"url":"https://git.kernel.org/stable/c/c47ed91156daf328601d02b58d52d9804da54108"},{"url":"https://git.kernel.org/stable/c/99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa"},{"url":"https://git.kernel.org/stable/c/550f7ca98ee028a606aa75705a7e77b1bd11720f"}],"title":"ceph: give up on paths longer than PATH_MAX","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:48:20.745Z"}}]}}