CVE Catalog

CVE-2026-52960

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile — higher than 28% of all known CVEs

Summary

In the Linux kernel, a vulnerability was found in the Ceph filesystem where folios not suitable for writeback were not released properly. The removal function lacked a `folio_put` call, causing a memory leak.

Risk Assessment

Memory leak can gradually exhaust system resources, potentially leading to system crashes or service disruptions in environments using Ceph.

Recommendation

Immediately update the Linux kernel to version 6.18 or later, and apply the relevant security patches for systems using Ceph.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios (see `filemap_get_folios`, `folio_batch_release`), so we need to `folio_put` the folios we remove. Tested on v6.18.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS