7.5

CVE-2026-22990

libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved:

libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

If the osdmap is (maliciously) corrupted such that the incremental
osdmap epoch is different from what is expected, there is no need to
BUG.  Instead, just declare the incremental osdmap to be invalid.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.34.1 < 5.10.248
LinuxLinux Kernel Version >= 5.11 < 5.15.198
LinuxLinux Kernel Version >= 5.16 < 6.1.161
LinuxLinux Kernel Version >= 6.2 < 6.6.121
LinuxLinux Kernel Version >= 6.7 < 6.12.66
LinuxLinux Kernel Version >= 6.13 < 6.18.6
LinuxLinux Kernel Version2.6.34 Update-
LinuxLinux Kernel Version2.6.34 Updaterc2
LinuxLinux Kernel Version2.6.34 Updaterc3
LinuxLinux Kernel Version2.6.34 Updaterc4
LinuxLinux Kernel Version2.6.34 Updaterc5
LinuxLinux Kernel Version2.6.34 Updaterc6
LinuxLinux Kernel Version2.6.34 Updaterc7
LinuxLinux Kernel Version6.19 Updaterc1
LinuxLinux Kernel Version6.19 Updaterc2
LinuxLinux Kernel Version6.19 Updaterc3
LinuxLinux Kernel Version6.19 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.257
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://git.kernel.org/stable/c/9aa0b0c14cefece078286d78b97d4c09685e372d
Patch
https://git.kernel.org/stable/c/4b106fbb1c7b841cd402abd83eb2447164c799ea
Patch
https://git.kernel.org/stable/c/6afd2a4213524bc742b709599a3663aeaf77193c
Patch
https://git.kernel.org/stable/c/d3613770e2677683e65d062da5e31f48c409abe9
Patch
https://git.kernel.org/stable/c/6c6cec3db3b418c4fdf815731bc39e46dff75e1b
Patch
https://git.kernel.org/stable/c/6348d70af847b79805374fe628d3809a63fd7df3
Patch
https://git.kernel.org/stable/c/e00c3f71b5cf75681dbd74ee3f982a99cb690c2b
Patch