CVE-2026-22990

CVE Database · CVE-2026-22990

CVE-2026-22990

· HIGHModified

CVSS v3.1

7.5

EPSS

0.34%

Published

Jan 23, 2026

Modified

Apr 27, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the incremental osdmap to be invalid.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Weaknesses (CWE)

CWE-617

Affected Products (17)

linux · linux_kernel (up to 5.10.248)vulnerable

linux · linux_kernel (up to 5.15.198)vulnerable

linux · linux_kernel (up to 6.1.161)vulnerable

linux · linux_kernel (up to 6.6.121)vulnerable

linux · linux_kernel (up to 6.12.66)vulnerable

linux · linux_kernel (up to 6.18.6)vulnerable

linux · linux_kernelvulnerable