CVE-2026-22990

medium

Red Hat

CVSS v3 Base Score

7.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

EPSS Score

0.0%

Exploitation probability in 30 days

Top 99% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Confidentiality

None

Integrity

Low

Availability

High

Published: January 23, 2026 (112 days ago)

Last Modified: January 23, 2026

Vendor: Red Hat

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the incremental osdmap to be invalid.

CWE

CWE-617

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 lore.kernel.org

CVE-2026-22990

Vulnerability Report

Description

CWE

Affected Products

References