In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() The memcpy function assumes the dynamic array notif->matches is at least as large as the number of bytes to copy. Otherwise, results->matches may contain unwanted data. To guarantee safety, extend the validation in one of the checks to ensure sufficient packet length. Found by Linux Verification Center (linuxtesting.org) with SVACE.
| Vendor | Product | Versions |
|---|---|---|
| intel | iwlwifi | 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 6.1 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| linux | linux | mitre_affected | 90% |
| open source | open source linux kernel | cert_advisory | 90% |
Updated description with critical severity, new affected versions, and corrected exploit availability.
Added CVE-2026-31779, updated affected versions, changed severity to HIGH, and provided a specific patch version.
Initial creation
