VDB
DEBIAN-CVE-2026-22990
DEBIAN-CVE-2026-22990
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the incremental osdmap to be invalid.
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux | 5.10.178-1, 0, 5.10.92-2 |
| Debian:14 | linux | 6.13, 6.13, * |
| Debian:12 | linux | 6.1.135-1, 0, 6.1.106-1 |
| Debian:11 | linux-6.1 | 6.1.159-1, 6.1.137-1~deb11u1, 6.1.140-1~deb11u1 |
| Debian:13 | linux | 0, 6.12.38-1, 6.12.41-1 |
Timeline
- Jan 23, 2026 CVE Published
- Apr 28, 2026 CVE Updated