CVE-2026-43273
Description
In the Linux kernel, the following vulnerability has been resolved:
ceph: supply snapshot context in ceph_zero_partial_object()
The ceph_zero_partial_object function was missing proper snapshot context for its OSD write operations, which could lead to data inconsistencies in snapshots.
Reproducer: ../src/vstart.sh --new -x --localhost --bluestore ./bin/ceph auth caps client.fs_a mds 'allow rwps fsname=a' mon 'allow r fsname=a' osd 'allow rw tag cephfs data=a' mount -t ceph fs_a@.a=/ /mnt/mycephfs/ -o conf=./ceph.conf dd if=/dev/urandom of=/mnt/mycephfs/foo bs=64K count=1 mkdir /mnt/mycephfs/.snap/snap1 md5sum /mnt/mycephfs/.snap/snap1/foo fallocate -p -o 0 -l 4096 /mnt/mycephfs/foo echo 3 > /proc/sys/vm/drop/caches md5sum /mnt/mycephfs/.snap/snap1/foo # get different md5sum!!
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cephfs missing snapshot context in ceph_zero_partial_object() leads to data inconsistencies when punching holes in files with snapshots.
Vulnerability
In the Linux kernel's Ceph filesystem, the function ceph_zero_partial_object() did not supply the proper snapshot context for its OSD write operations. This could cause data inconsistencies for snapshots when partial object zeroing occurred, such as during fallocate punch hole operations [1].
Exploitation
A user with write access to a CephFS mount can trigger the issue by creating a file, taking a snapshot, and then using fallocate -p to punch a hole. After dropping caches, reading the snapshot returns different data than expected, demonstrating the inconsistency [1].
Impact
The vulnerability leads to incorrect data being returned from snapshots after partial object zeroing, compromising snapshot integrity. This could cause applications relying on consistent snapshot data to malfunction, potentially leading to data corruption or incorrect backups.
Mitigation
Patches are available in the stable kernel trees. Users should update to the latest patched kernel version to address the issue [1][2][3][4].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- git.kernel.org/stable/c/36673344b41c31fb502dd0d0113cec1aa96f581envdPatch
- git.kernel.org/stable/c/4097e70fc543cca72982854108a32f6ae924e727nvdPatch
- git.kernel.org/stable/c/531a76c5a2e44264cee8a70121e63eb28c1ba728nvdPatch
- git.kernel.org/stable/c/5788b742007f53406049bef917833a71ddd43f60nvdPatch
- git.kernel.org/stable/c/69e59a87bab0ea31ab2a584fc65e12dafacf8953nvdPatch
- git.kernel.org/stable/c/757873abfc8ea38592582180aed0f57f0f0cb07anvdPatch
- git.kernel.org/stable/c/9efa154609cdb658f51c7d76b30a09f7e6485250nvdPatch
- git.kernel.org/stable/c/f16bd3fa74a2084ee7e16a8a2be7e7399b970907nvdPatch
News mentions
0No linked articles in our index yet.