-

CVE-2026-22991

EPSS 0.03%
Veröffentlicht 23.01.2026 15:24:12
Zuletzt bearbeitet 26.01.2026 15:03:33
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

libceph: make free_choose_arg_map() resilient to partial allocation

free_choose_arg_map() may dereference a NULL pointer if its caller fails
after a partial allocation.

For example, in decode_choose_args(), if allocation of arg_map->args
fails, execution jumps to the fail label and free_choose_arg_map() is
called. Since arg_map->size is updated to a non-zero value before memory
allocation, free_choose_arg_map() will iterate over arg_map->args and
dereference a NULL pointer.

To prevent this potential NULL pointer dereference and make
free_choose_arg_map() more resilient, add checks for pointers before
iterating.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 9b3730dabcf3764bfe3ff07caf55e641a0b45234

Version 5cf9c4a9959b6273675310d14a834ef14fbca37c

Status affected

Version < 851241d3f78a5505224dc21c03d8692f530256b4

Version 5cf9c4a9959b6273675310d14a834ef14fbca37c

Status affected

Version < ec1850f663da64842614c86b20fe734be070c2ba

Version 5cf9c4a9959b6273675310d14a834ef14fbca37c

Status affected

Version < 8081faaf089db5280c3be820948469f7c58ef8dd

Version 5cf9c4a9959b6273675310d14a834ef14fbca37c

Status affected

Version < c4c2152a858c0ce4d2bff6ca8c1d5b0ef9f2cbdf

Version 5cf9c4a9959b6273675310d14a834ef14fbca37c

Status affected

Version < f21c3fdb96833aac2f533506899fe38c19cf49d5

Version 5cf9c4a9959b6273675310d14a834ef14fbca37c

Status affected

Version < e3fe30e57649c551757a02e1cad073c47e1e075e

Version 5cf9c4a9959b6273675310d14a834ef14fbca37c

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.13

Status affected

Version < 4.13

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.248

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.161

Status unaffected

Version <= 6.6.*

Version 6.6.121

Status unaffected

Version <= 6.12.*

Version 6.12.66

Status unaffected

Version <= 6.18.*

Version 6.18.6

Status unaffected

Version <= *

Version 6.19-rc5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.084

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/9b3730dabcf3764bfe3ff07caf55e641a0b45234

https://git.kernel.org/stable/c/851241d3f78a5505224dc21c03d8692f530256b4

https://git.kernel.org/stable/c/ec1850f663da64842614c86b20fe734be070c2ba

https://git.kernel.org/stable/c/8081faaf089db5280c3be820948469f7c58ef8dd

https://git.kernel.org/stable/c/c4c2152a858c0ce4d2bff6ca8c1d5b0ef9f2cbdf

https://git.kernel.org/stable/c/f21c3fdb96833aac2f533506899fe38c19cf49d5

https://git.kernel.org/stable/c/e3fe30e57649c551757a02e1cad073c47e1e075e

https://nvd.nist.gov/vuln/detail/CVE-2026-22991

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22991

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22991

EUVD