CVE-2026-22978

EUVD-2026-4312
In the Linux kernel, the following vulnerability has been resolved:

wifi: avoid kernel-infoleak from struct iw_point

struct iw_point has a 32bit hole on 64bit arches.

struct iw_point {
  void __user   *pointer;       /* Pointer to the data  (in user space) */
  __u16         length;         /* number of fields or size in bytes */
  __u16         flags;          /* Optional params */
};

Make sure to zero the structure to avoid disclosing 32bits of kernel data
to user space.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
2.6.27 ≤
𝑥
< 5.10.248
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.198
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.161
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.121
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.66
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.6
linuxlinux_kernel
6.19:rc1
linuxlinux_kernel
6.19:rc2
linuxlinux_kernel
6.19:rc3
linuxlinux_kernel
6.19:rc4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
6.1.164-1
fixed
bullseye
vulnerable
bullseye (security)
5.10.251-1
fixed
forky
6.19.10-1
fixed
sid
6.19.10-1
fixed
trixie
6.12.73-1
fixed
trixie (security)
6.12.74-2
fixed
linux-6.1
bullseye (security)
6.1.164-1~deb11u1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/024f71a57d563fbe162e528c8bf2d27e9cac7c7b
https://git.kernel.org/stable/c/21cbf883d073abbfe09e3924466aa5e0449e7261
https://git.kernel.org/stable/c/442ceac0393185e9982323f6682a52a53e8462b1
https://git.kernel.org/stable/c/a3827e310b5a73535646ef4a552d53b3c8bf74f6
https://git.kernel.org/stable/c/d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8
https://git.kernel.org/stable/c/d943b5f592767b107ba8c12a902f17431350378c
https://git.kernel.org/stable/c/e3c35177103ead4658b8a62f41e3080d45885464