CVE-2026-22978

LOW
2026-01-23 416baaa9-dc9f-4396-8d5f-8c081fb06d67
3.3
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
Patch Released
Feb 26, 2026 - 20:17 nvd
Patch available
CVE Published
Jan 23, 2026 - 16:15 nvd
LOW 3.3

Tags

Linux Linux Kernel

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __user *pointer; /* Pointer to the data (in user space) */ __u16 length; /* number of fields or size in bytes */ __u16 flags; /* Optional params */ }; Make sure to zero the structure to avoid disclosing 32bits of kernel data to user space.

Analysis

In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. [CVSS 3.3 LOW]

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

During next maintenance window: Apply vendor patches when convenient. Vendor patch is available.

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

17
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +16
POC: 0

Share

CVE-2026-22978 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy