CVE-2026-22992
BaseFortify
Publication date: 2026-01-23
Last updated on: 2026-04-27
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.11 (inc) to 5.15.198 (exc) |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | From 6.13 (inc) to 6.18.6 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.6.121 (exc) |
| linux | linux_kernel | From 6.7 (inc) to 6.12.66 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.161 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's libceph component involves improper error handling during the authentication phase. Specifically, errors from ceph_auth_handle_reply_done() are propagated internally but not returned from mon_handle_auth_done(). As a result, higher layers believe authentication succeeded while the msgr2 subsystem continues to establish a session in the background. In secure mode, this can cause a warning in setup_crypto() and eventually lead to a NULL pointer dereference in prepare_auth_signature().
How can this vulnerability impact me? :
The vulnerability can cause unexpected behavior during the authentication process, including warnings and a NULL pointer dereference, which may lead to crashes or instability in the system. This could potentially disrupt services relying on the Ceph storage system by causing authentication sessions to be improperly established or fail unexpectedly.