SB2026012404 - Buffer overflow in Linux kernel wireless
Published: January 24, 2026
Security Bulletin ID
SB2026012404
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2026-22978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the compat_private_call() function in net/wireless/wext-priv.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/024f71a57d563fbe162e528c8bf2d27e9cac7c7b
- https://git.kernel.org/stable/c/21cbf883d073abbfe09e3924466aa5e0449e7261
- https://git.kernel.org/stable/c/442ceac0393185e9982323f6682a52a53e8462b1
- https://git.kernel.org/stable/c/a3827e310b5a73535646ef4a552d53b3c8bf74f6
- https://git.kernel.org/stable/c/d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8
- https://git.kernel.org/stable/c/d943b5f592767b107ba8c12a902f17431350378c
- https://git.kernel.org/stable/c/e3c35177103ead4658b8a62f41e3080d45885464