CVE-2025-39878

MEDIUM 5.5

ceph: fix crash after fscrypt_encrypt_pagecache_blocks() error

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscrypt_encrypt_pagecache_blocks() error The function move_dirty_folio_in_page_array() was created by commit ce80b76dd327 ("ceph: introduce ceph_process_folio_batch() method") by moving code from ceph_writepages_start() to this function. This new function is supposed to return an error code which is checked by the caller (now ceph_process_folio_batch()), and on error, the caller invokes redirty_page_for_writepage() and then breaks from the loop. However, the refactoring commit has gone wrong, and it by accident, it always returns 0 (= success) because it first NULLs the pointer and then returns PTR_ERR(NULL) which is always 0. This means errors are silently ignored, leaving NULL entries in the page array, which may later crash the kernel. The simple solution is to call PTR_ERR() before clearing the pointer.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Sep 23, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

ce80b76dd32764cc914975777e058d4fae4f0ea0 < dd1616ecbea920d228c56729461ed223cc501425 ce80b76dd32764cc914975777e058d4fae4f0ea0 < 249e0a47cdb46bb9eae65511c569044bd8698d7d

Linux / Linux

6.15

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/dd1616ecbea920d228c56729461ed223cc501425 git.kernel.org: https://git.kernel.org/stable/c/249e0a47cdb46bb9eae65511c569044bd8698d7d