Skip to main content

Red Hat EUVDEUVD-2026-16212

| CVE-2026-29976 MEDIUM
Classic Buffer Overflow (CWE-120)
2026-03-26 mitre
6.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.2 MEDIUM
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Red Hat
2.8 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 26, 2026 - 15:00 euvd
EUVD-2026-16212
Analysis Generated
Mar 26, 2026 - 15:00 vuln.today
CVE Published
Mar 26, 2026 - 00:00 nvd
MEDIUM 6.2

DescriptionCVE.org

Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function

AnalysisAI

The getradiotapfield() function in ZerBea hcxpcapngtool version 7.0.1-43-g2ee308e contains a buffer overflow vulnerability allowing local attackers to trigger a denial of service condition through memory corruption. While the vulnerability is classified as causing information disclosure in the description, the CVSS vector (C:N/I:N/A:H) indicates the primary impact is availability degradation rather than confidentiality compromise. No public exploit code or active exploitation has been identified at the time of analysis, though the local attack vector and lack of required privileges make exploitation feasible for any user with local system access.

Technical ContextAI

hcxpcapngtool is a utility for processing pcap-ng files related to wireless packet capture analysis. The vulnerability exists in the getradiotapfield() function, which is responsible for parsing and extracting radiotap header fields from wireless packet captures. The root cause is classified as CWE-120 (Buffer Copy without Checking Size of Input, also known as classic buffer overflow), indicating that the function fails to validate the size of input data before copying it into a fixed-size buffer. Radiotap is a standard format for injecting and receiving frames in monitor mode on Linux wireless interfaces, making this function critical in the packet processing pipeline. The affected version identifier (7.0.1-43-g2ee308e) indicates a development build rather than an official release tag, suggesting the vulnerability may exist across multiple version branches.

RemediationAI

Update to the latest available version of hcxpcapngtool from the ZerBea GitHub repository (https://github.com/ZerBea/hcxtools), as the specific patched version is not independently confirmed in the provided advisory data. Monitor GitHub issue #365 for confirmation of a fix commit or tagged release. Until patching is completed, restrict local system access to untrusted users and disable hcxpcapngtool processing of pcap-ng files from untrusted or unvalidated sources. If the tool must process external pcap files, run it in a sandboxed or containerized environment with limited privileges and resource quotas to contain the impact of a potential denial of service. Input validation of pcap-ng files through preliminary static analysis tools before processing with hcxpcapngtool may mitigate some attack scenarios.

Vendor StatusVendor

Share

EUVD-2026-16212 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy