{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-21646", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-12-29T08:45:45.728Z", "datePublished": "2025-01-19T10:18:02.776Z", "dateUpdated": "2025-02-02T10:16:06.776Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-02-02T10:16:06.776Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix the maximum cell name length\n\nThe kafs filesystem limits the maximum length of a cell to 256 bytes, but a\nproblem occurs if someone actually does that: kafs tries to create a\ndirectory under /proc/net/afs/ with the name of the cell, but that fails\nwith a warning:\n\n WARNING: CPU: 0 PID: 9 at fs/proc/generic.c:405\n\nbecause procfs limits the maximum filename length to 255.\n\nHowever, the DNS limits the maximum lookup length and, by extension, the\nmaximum cell name, to 255 less two (length count and trailing NUL).\n\nFix this by limiting the maximum acceptable cellname length to 253. This\nalso allows us to be sure we can create the \"/afs/.<cell>/\" mountpoint too.\n\nFurther, split the YFS VL record cell name maximum to be the 256 allowed by\nthe protocol and ignore the record retrieved by YFSVL.GetCellName if it\nexceeds 253."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/afs/afs.h", "fs/afs/afs_vl.h", "fs/afs/vl_alias.c", "fs/afs/vlclient.c"], "versions": [{"version": "c3e9f888263bb4df11cbd623ceced02081cb2f9f", "lessThan": "9340385468d056bb700b8f28df236b81fc86a079", "status": "affected", "versionType": "git"}, {"version": "c3e9f888263bb4df11cbd623ceced02081cb2f9f", "lessThan": "7cb3e77e9b4e6ffa325a5559393d3283c9af3d01", "status": "affected", "versionType": "git"}, {"version": "c3e9f888263bb4df11cbd623ceced02081cb2f9f", "lessThan": "aabe47cf5ac5e1db2ae0635f189d836f67024904", "status": "affected", "versionType": "git"}, {"version": "c3e9f888263bb4df11cbd623ceced02081cb2f9f", "lessThan": "7673030efe0f8ca1056d3849d61784c6caa052af", "status": "affected", "versionType": "git"}, {"version": "c3e9f888263bb4df11cbd623ceced02081cb2f9f", "lessThan": "7922b1f058fe24a93730511dd0ae2e1630920096", "status": "affected", "versionType": "git"}, {"version": "c3e9f888263bb4df11cbd623ceced02081cb2f9f", "lessThan": "8fd56ad6e7c90ac2bddb0741c6b248c8c5d56ac8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/afs/afs.h", "fs/afs/afs_vl.h", "fs/afs/vl_alias.c", "fs/afs/vlclient.c"], "versions": [{"version": "5.8", "status": "affected"}, {"version": "0", "lessThan": "5.8", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.234", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.177", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.125", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.72", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.10", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/9340385468d056bb700b8f28df236b81fc86a079"}, {"url": "https://git.kernel.org/stable/c/7cb3e77e9b4e6ffa325a5559393d3283c9af3d01"}, {"url": "https://git.kernel.org/stable/c/aabe47cf5ac5e1db2ae0635f189d836f67024904"}, {"url": "https://git.kernel.org/stable/c/7673030efe0f8ca1056d3849d61784c6caa052af"}, {"url": "https://git.kernel.org/stable/c/7922b1f058fe24a93730511dd0ae2e1630920096"}, {"url": "https://git.kernel.org/stable/c/8fd56ad6e7c90ac2bddb0741c6b248c8c5d56ac8"}], "title": "afs: Fix the maximum cell name length", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix the maximum cell name length\n\nThe kafs filesystem limits the maximum length of a cell to 256 bytes, but a\nproblem occurs if someone actually does that: kafs tries to create a\ndirectory under /proc/net/afs/ with the name of the cell, but that fails\nwith a warning:\n\n WARNING: CPU: 0 PID: 9 at fs/proc/generic.c:405\n\nbecause procfs limits the maximum filename length to 255.\n\nHowever, the DNS limits the maximum lookup length and, by extension, the\nmaximum cell name, to 255 less two (length count and trailing NUL).\n\nFix this by limiting the maximum acceptable cellname length to 253. This\nalso allows us to be sure we can create the \"/afs/.<cell>/\" mountpoint too.\n\nFurther, split the YFS VL record cell name maximum to be the 256 allowed by\nthe protocol and ignore the record retrieved by YFSVL.GetCellName if it\nexceeds 253."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: afs: Arreglar la longitud m\u00e1xima del nombre de celda El sistema de archivos kafs limita la longitud m\u00e1xima de una celda a 256 bytes, pero ocurre un problema si alguien realmente hace eso: kafs intenta crear un directorio bajo /proc/net/afs/ con el nombre de la celda, pero eso falla con una advertencia: ADVERTENCIA: CPU: 0 PID: 9 en fs/proc/generic.c:405 porque procfs limita la longitud m\u00e1xima del nombre de archivo a 255. Sin embargo, el DNS limita la longitud m\u00e1xima de b\u00fasqueda y, por extensi\u00f3n, el nombre m\u00e1ximo de celda, a 255 menos dos (recuento de longitud y NUL final). Arregle esto limitando la longitud m\u00e1xima aceptable del nombre de celda a 253. Esto tambi\u00e9n nos permite estar seguros de que podemos crear el punto de montaje \"/afs/./\" tambi\u00e9n. Adem\u00e1s, divida el nombre de celda del registro YFS VL al m\u00e1ximo de 256 permitido por el protocolo e ignore el registro recuperado por YFSVL.GetCellName si excede 253."}], "id": "CVE-2025-21646", "lastModified": "2025-02-02T11:15:15.290", "metrics": {}, "published": "2025-01-19T11:15:10.197", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7673030efe0f8ca1056d3849d61784c6caa052af"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7922b1f058fe24a93730511dd0ae2e1630920096"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7cb3e77e9b4e6ffa325a5559393d3283c9af3d01"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8fd56ad6e7c90ac2bddb0741c6b248c8c5d56ac8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9340385468d056bb700b8f28df236b81fc86a079"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/aabe47cf5ac5e1db2ae0635f189d836f67024904"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: afs: Fix the maximum cell name length", "id": "2338830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338830"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nafs: Fix the maximum cell name length\nThe kafs filesystem limits the maximum length of a cell to 256 bytes, but a\nproblem occurs if someone actually does that: kafs tries to create a\ndirectory under /proc/net/afs/ with the name of the cell, but that fails\nwith a warning:\nWARNING: CPU: 0 PID: 9 at fs/proc/generic.c:405\nbecause procfs limits the maximum filename length to 255.\nHowever, the DNS limits the maximum lookup length and, by extension, the\nmaximum cell name, to 255 less two (length count and trailing NUL).\nFix this by limiting the maximum acceptable cellname length to 253. This\nalso allows us to be sure we can create the \"/afs/.<cell>/\" mountpoint too.\nFurther, split the YFS VL record cell name maximum to be the 256 allowed by\nthe protocol and ignore the record retrieved by YFSVL.GetCellName if it\nexceeds 253."], "name": "CVE-2025-21646", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-21646\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21646\nhttps://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21646-8f6e@gregkh/T"], "threat_severity": "Moderate"}