CVE-2026-22990

HIGH

Linux kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the incremental osdmap to be invalid.

References (7)

[Patch] https://git.kernel.org/stable/c/4b106fbb1c7b841cd402abd83eb2447164c799ea

[Patch] https://git.kernel.org/stable/c/6348d70af847b79805374fe628d3809a63fd7df3

[Patch] https://git.kernel.org/stable/c/6afd2a4213524bc742b709599a3663aeaf77193c

[Patch] https://git.kernel.org/stable/c/6c6cec3db3b418c4fdf815731bc39e46dff75e1b

[Patch] https://git.kernel.org/stable/c/9aa0b0c14cefece078286d78b97d4c09685e372d

[Patch] https://git.kernel.org/stable/c/d3613770e2677683e65d062da5e31f48c409abe9

[Patch] https://git.kernel.org/stable/c/e00c3f71b5cf75681dbd74ee3f982a99cb690c2b

Scores

CVSS v3 7.5

EPSS 0.0002

EPSS Percentile 3.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-617

Status published

Products (25)

linux/Kernel 2.6.34 - 5.10.248linux

linux/Kernel 5.11.0 - 5.15.198linux

linux/Kernel 5.16.0 - 6.1.161linux

linux/Kernel 6.13.0 - 6.18.6linux

linux/Kernel 6.2.0 - 6.6.121linux

linux/Kernel 6.7.0 - 6.12.66linux

Linux/Linux < 2.6.34

Linux/Linux 2.6.34

Linux/Linux 5.10.248 - 5.10.*

Linux/Linux 5.15.198 - 5.15.*

... and 15 more

Published Jan 23, 2026

Tracked Since Feb 18, 2026