Zurück zur CVE-Übersicht
CVE-2026-31779
HIGH(8.1)CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Risk Signal Score20/100 — NIEDRIG
- CVSS 8.1 — Hoch
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
8.1
Technische Schwere
Beschreibung
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() The memcpy function assumes the dynamic array notif->matches is at least as large as the number of bytes to copy. Otherwise, results->matches may contain unwanted data. To guarantee safety, extend the validation in one of the checks to ensure sufficient packet length. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Referenzen
- https://git.kernel.org/stable/c/744fabc338e87b95c4d1ff7c95bc8c0f834c6d99
- https://git.kernel.org/stable/c/ca0e9491b98ca4c5b44204b0b3dd8062a3b5fba2
- https://git.kernel.org/stable/c/dd90880eb5ec5442b37eb2b95688f4a63f4883e3
- https://git.kernel.org/stable/c/e67d8c626ace80b0fa2b48c8ec0a46b508c93442
- https://git.kernel.org/stable/c/f6abac936a0dfd31d6c3e49205ec0ee75a8f887f
- https://git.kernel.org/stable/c/ffbed27ba15ef80d1c622eeedbfef03e501ae134