Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __user *pointer; /* Pointer to the data (in user space) */ __u16 length; /* number of fields or size in bytes */ __u16 flags; /* Optional params */ }; Make sure to zero the structure to avoid disclosing 32bits of kernel data to user space.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.27, < 5.10.248 |
References
- https://git.kernel.org/stable/c/024f71a57d563fbe162e528c8bf2d27e9cac7c7bPatch
- https://git.kernel.org/stable/c/21cbf883d073abbfe09e3924466aa5e0449e7261Patch
- https://git.kernel.org/stable/c/442ceac0393185e9982323f6682a52a53e8462b1Patch
- https://git.kernel.org/stable/c/a3827e310b5a73535646ef4a552d53b3c8bf74f6Patch
- https://git.kernel.org/stable/c/d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8Patch
- https://git.kernel.org/stable/c/d943b5f592767b107ba8c12a902f17431350378cPatch
- https://git.kernel.org/stable/c/e3c35177103ead4658b8a62f41e3080d45885464Patch
FAQ
What is CVE-2026-22978?
CVE-2026-22978 is a vulnerability with a CVSS score of 3.3 (LOW). In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __use...
How severe is CVE-2026-22978?
CVE-2026-22978 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-22978?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.