CVE-2026-52960
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk28th percentile — higher than 28% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the Ceph filesystem where folios not suitable for writeback were not released properly. The removal function lacked a `folio_put` call, causing a memory leak.
Risk Assessment
Memory leak can gradually exhaust system resources, potentially leading to system crashes or service disruptions in environments using Ceph.
Recommendation
Immediately update the Linux kernel to version 6.18 or later, and apply the relevant security patches for systems using Ceph.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios (see `filemap_get_folios`, `folio_batch_release`), so we need to `folio_put` the folios we remove. Tested on v6.18.

