ceph: supply snapshot context in ceph_zero_partial_object()

Summary

CVE	CVE-2026-43273
State	PUBLISHED
Assigner	Linux
Source Priority	CVE Program / NVD first with legacy fallback
Published	2026-05-06 12:16:48 UTC
Updated	2026-05-06 13:07:51 UTC
Description	In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot context for its OSD write operations, which could lead to data inconsistencies in snapshots. Reproducer: ../src/vstart.sh --new -x --localhost --bluestore ./bin/ceph auth caps client.fs_a mds 'allow rwps fsname=a' mon 'allow r fsname=a' osd 'allow rw tag cephfs data=a' mount -t ceph [email protected]=/ /mnt/mycephfs/ -o conf=./ceph.conf dd if=/dev/urandom of=/mnt/mycephfs/foo bs=64K count=1 mkdir /mnt/mycephfs/.snap/snap1 md5sum /mnt/mycephfs/.snap/snap1/foo fallocate -p -o 0 -l 4096 /mnt/mycephfs/foo echo 3 > /proc/sys/vm/drop/caches md5sum /mnt/mycephfs/.snap/snap1/foo # get different md5sum!!

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 36673344b41c31fb502dd0d0113cec1aa96f581e git	Not specified
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 5788b742007f53406049bef917833a71ddd43f60 git	Not specified
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 757873abfc8ea38592582180aed0f57f0f0cb07a git	Not specified
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 9efa154609cdb658f51c7d76b30a09f7e6485250 git	Not specified
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 531a76c5a2e44264cee8a70121e63eb28c1ba728 git	Not specified
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 69e59a87bab0ea31ab2a584fc65e12dafacf8953 git	Not specified
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 4097e70fc543cca72982854108a32f6ae924e727 git	Not specified
CNA	Linux	Linux	affected ad7a60de882aca31afb58721db166f7e77afcd92 f16bd3fa74a2084ee7e16a8a2be7e7399b970907 git	Not specified
CNA	Linux	Linux	affected 3.12	Not specified
CNA	Linux	Linux	unaffected 3.12 semver	Not specified
CNA	Linux	Linux	unaffected 5.10.252 5.10.* semver	Not specified
CNA	Linux	Linux	unaffected 5.15.202 5.15.* semver	Not specified
CNA	Linux	Linux	unaffected 6.1.165 6.1.* semver	Not specified
CNA	Linux	Linux	unaffected 6.6.128 6.6.* semver	Not specified
CNA	Linux	Linux	unaffected 6.12.75 6.12.* semver	Not specified
CNA	Linux	Linux	unaffected 6.18.16 6.18.* semver	Not specified
CNA	Linux	Linux	unaffected 6.19.6 6.19.* semver	Not specified
CNA	Linux	Linux	unaffected 7.0 * original_commit_for_fix	Not specified

References

Reference	Source	Link	Tags
git.kernel.org/stable/c/5788b742007f53406049bef917833a71ddd43f60	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/757873abfc8ea38592582180aed0f57f0f0cb07a	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/36673344b41c31fb502dd0d0113cec1aa96f581e	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/f16bd3fa74a2084ee7e16a8a2be7e7399b970907	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/531a76c5a2e44264cee8a70121e63eb28c1ba728	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/69e59a87bab0ea31ab2a584fc65e12dafacf8953	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/9efa154609cdb658f51c7d76b30a09f7e6485250	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/4097e70fc543cca72982854108a32f6ae924e727	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.