Reported by Linux · Published May 1, 2026
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() The memcpy function assumes the dynamic array notif->matches is at least as large as the number of bytes to copy. Otherwise, results->matches may contain unwanted data. To guarantee safety, extend the validation in one of the checks to ensure sufficient packet length. Found by Linux Verification Center (linuxtesting.org) with SVACE.
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c |
| Linux | Linux | 6.1, 0, 6.1.168 |
| Linux | Linux | 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c, 5ac54afd4d97ad8d94fe250c83b1924eb6d2268c |
| linux | linux_kernel | 6.1, 6.1, 6.1 |