#VU122002 Buffer overflow in Linux kernel - CVE-2026-22978
Published: January 24, 2026
Vulnerability identifier: #VU122002
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-22978
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the compat_private_call() function in net/wireless/wext-priv.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/024f71a57d563fbe162e528c8bf2d27e9cac7c7b
- https://git.kernel.org/stable/c/21cbf883d073abbfe09e3924466aa5e0449e7261
- https://git.kernel.org/stable/c/442ceac0393185e9982323f6682a52a53e8462b1
- https://git.kernel.org/stable/c/a3827e310b5a73535646ef4a552d53b3c8bf74f6
- https://git.kernel.org/stable/c/d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8
- https://git.kernel.org/stable/c/d943b5f592767b107ba8c12a902f17431350378c
- https://git.kernel.org/stable/c/e3c35177103ead4658b8a62f41e3080d45885464