VDB

DEBIAN-CVE-2026-22978

DEBIAN-CVE-2026-22978 PUBLISHED CVSS 3.299999952316284 LOW

In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __user *pointer; /* Pointer to the data (in user space) */ __u16 length; /* number of fields or size in bytes */ __u16 flags; /* Optional params */ }; Make sure to zero the structure to avoid disclosing 32bits of kernel data to user space.

Risk Scores

CVSS 3.1
3.299999952316284
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersions
Debian:12linux0, 6.1.106-1, 6.1.106-2
Debian:11linux-6.16.1.159-1, 6.1.158-1, 6.1.153-1
Debian:14linux6.16.6-1, 6.16.7-1, 6.16.8-1
Debian:11linux5.10.127-2, 5.10.136-1, 5.10.140-1
Debian:13linux*, 6.12.69-1, 6.12.63-1

Exploit Intelligence

Timeline

  • Jan 23, 2026 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›