CRE-2025-0080

Redpanda High Severity IssuesHigh
Mitigation: 9/10

CRE-2025-0080View on GitHub

Redpanda Startup Failure Permission Failure RPC Raft Node Down Cluster Degradation Data Availability Database Corruption

Description

Detects when Redpanda hits any of these on startup or early runtime: 1. Fails to create its crash_reports directory (POSIX error 13). 2. Heartbeat or node-status RPC failures indicating a broker is down. 3. Raft group failure. 4. Data center failure

Mitigation

**Immediate Actions:** ```bash chown -R redpanda:redpanda /var/lib/redpanda/data chmod -R 750 /var/lib/redpanda/data # Free up disk or expand the data volume systemctl restart redpanda ``` **Long-term Fixes:** - InitContainer or boot-script to validate permissions before start. - Multi-broker deployment - Monitor cluster health and broker reachability. - Multi-broker deployment spread across multiple racks or network failure domains - Multi-AZ or replicated deployment - Offline backups

References

https://docs.redpanda.com/current/deploy/deployment-option/self-hosted/manual/high-availability/
https://docs.redpanda.com/current/manage/cluster-maintenance/disk-utilization/
https://docs.redpanda.com/current/manage/rack-awareness/
https://docs.redpanda.com/current/manage/recovery-mode/
https://docs.redpanda.com/current/manage/cluster-maintenance/nodewise-partition-recovery/
https://docs.redpanda.com/current/manage/raft-group-reconfiguration/
https://docs.redpanda.com/current/manage/cluster-maintenance/node-property-configuration/
https://docs.redpanda.com/current/manage/monitoring/
https://vectorized.io