CVE-2025-21646

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 19/01/2025
Last modified: 03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

afs: Fix the maximum cell name length

The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs if someone actually does that: kafs tries to create a directory under /proc/net/afs/ with the name of the cell, but that fails with a warning:

    WARNING: CPU: 0 PID: 9 at fs/proc/generic.c:405

because procfs limits the maximum filename length to 255.

However, the DNS limits the maximum lookup length and, by extension, the maximum cell name, to 255 less two (length count and trailing NUL).

Fix this by limiting the maximum acceptable cellname length to 253. This also allows us to be sure we can create the "/afs/./" mountpoint too.

Further, split the YFS VL record cell name maximum to be the 256 allowed by the protocol and ignore the record retrieved by YFSVL.GetCellName if it exceeds 253.
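
The following user-space C model is an added illustration, not the kernel's code and not part of the advisory. It shows how the limits named in the description interact: a 256-byte cell name passes the old kafs check and then trips the procfs limit, while the 253-byte limit rejects it up front. The macro, enum and function names are assumptions, and the sample names are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Limits quoted in the description; the macro names are assumptions. */
#define PROCFS_NAME_MAX   255                   /* procfs maximum filename length */
#define DNS_LOOKUP_MAX    255                   /* DNS maximum lookup length */
#define OLD_CELLNAME_MAX  256                   /* kafs limit before the fix */
#define NEW_CELLNAME_MAX  (DNS_LOOKUP_MAX - 2)  /* 253: less length count and NUL */
#define YFS_VL_NAME_MAX   256                   /* allowed by the YFS VL protocol */
enum cell_result { CELL_OK, CELL_REJECTED, CELL_PROC_WARN, CELL_DNS_UNUSABLE };

/* What happens to a cell name when kafs enforces `kafs_limit` bytes. */
enum cell_result add_cell(const char *name, size_t kafs_limit)
{
    size_t len = strlen(name);
    if (len > kafs_limit)
        return CELL_REJECTED;       /* refused before any state is created */
    if (len > PROCFS_NAME_MAX)
        return CELL_PROC_WARN;      /* /proc/net/afs/<name> creation fails */
    if (len > NEW_CELLNAME_MAX)
        return CELL_DNS_UNUSABLE;   /* fits procfs, too long for a DNS lookup */
    return CELL_OK;
}

/* Post-fix handling of a name returned by YFSVL.GetCellName:
 * 1 = use it, 0 = ignore the record, -1 = longer than the protocol allows. */
int yfs_use_cell_name(const char *name)
{
    size_t len = strlen(name);
    if (len > YFS_VL_NAME_MAX)
        return -1;
    return len <= NEW_CELLNAME_MAX;
}

/* Constructed input: a name of `len` 'a' bytes (buf needs len + 1 bytes). */
const char *fill(char *buf, size_t len)
{
    memset(buf, 'a', len);
    buf[len] = '\0';
    return buf;
}

int main(void)
{
    char buf[YFS_VL_NAME_MAX + 2];
    for (size_t n = 253; n <= 256; n++) {
        fill(buf, n);
        printf("%zu bytes: old=%d new=%d yfs=%d\n", n, add_cell(buf, OLD_CELLNAME_MAX),
               add_cell(buf, NEW_CELLNAME_MAX), yfs_use_cell_name(buf));
    }
    return 0;
}
```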

Vulnerable products and versions

CPE                                                 From              Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        5.8 (including)   5.10.234 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        5.11 (including)  5.15.177 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        5.16 (including)  6.1.125 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        6.2 (including)   6.6.72 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        6.7 (including)   6.12.10 (excluding)
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*