CVE-2026-43172

EUVD-2026-27735
In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: fix 22000 series SMEM parsing

If the firmware were to report three LMACs (which doesn't
exist in hardware) then using "fwrt->smem_cfg.lmac[2]" is
an overrun of the array. Reject such and use IWL_FW_CHECK
instead of WARN_ON in this function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.8 ≤
𝑥
< 6.18.16
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
vulnerable
trixie (security)
vulnerable
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/1d49a42717bdc8de77eabeb5b7d3e88d141ffea9
https://git.kernel.org/stable/c/2b4b1510aaaf5b9fb57327ecffc20c055f61f205
https://git.kernel.org/stable/c/58192b9ce09b0f0f86e2036683bd542130b91a98