In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler()

The memcpy function assumes the dynamic array notif->matches is at least
as large as the number of bytes to copy. Otherwise, results->matches may
contain unwanted data. To guarantee safety, extend the validation in one
of the checks to ensure sufficient packet length.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
5ac54afd4d97ad8d94fe250c83b1924eb6d2268c affected < f6abac936a0dfd31d6c3e49205ec0ee75a8f887f
5ac54afd4d97ad8d94fe250c83b1924eb6d2268c affected < ffbed27ba15ef80d1c622eeedbfef03e501ae134
5ac54afd4d97ad8d94fe250c83b1924eb6d2268c affected < e67d8c626ace80b0fa2b48c8ec0a46b508c93442
5ac54afd4d97ad8d94fe250c83b1924eb6d2268c affected < dd90880eb5ec5442b37eb2b95688f4a63f4883e3
5ac54afd4d97ad8d94fe250c83b1924eb6d2268c affected < ca0e9491b98ca4c5b44204b0b3dd8062a3b5fba2
5ac54afd4d97ad8d94fe250c83b1924eb6d2268c affected < 744fabc338e87b95c4d1ff7c95bc8c0f834c6d99
Linux Linux affected
Version Status Constraints
6.1 affected
0 unaffected < 6.1
6.1.168 unaffected ≤ 6.1.*
6.6.134 unaffected ≤ 6.6.*
6.12.81 unaffected ≤ 6.12.*
6.18.22 unaffected ≤ 6.18.*
6.19.12 unaffected ≤ 6.19.*
7.0 unaffected ≤ *

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories
Source ID Title
Debian DSA Debian DSA DSA-6243-1 linux security update
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/744fabc338e87b95c4d1ff7c95bc8c0f834c6d99 cve-icon cve-icon
https://git.kernel.org/stable/c/ca0e9491b98ca4c5b44204b0b3dd8062a3b5fba2 cve-icon cve-icon
https://git.kernel.org/stable/c/dd90880eb5ec5442b37eb2b95688f4a63f4883e3 cve-icon cve-icon
https://git.kernel.org/stable/c/e67d8c626ace80b0fa2b48c8ec0a46b508c93442 cve-icon cve-icon
https://git.kernel.org/stable/c/f6abac936a0dfd31d6c3e49205ec0ee75a8f887f cve-icon cve-icon
https://git.kernel.org/stable/c/ffbed27ba15ef80d1c622eeedbfef03e501ae134 cve-icon cve-icon
History

Fri, 01 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() The memcpy function assumes the dynamic array notif->matches is at least as large as the number of bytes to copy. Otherwise, results->matches may contain unwanted data. To guarantee safety, extend the validation in one of the checks to ensure sufficient packet length. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Title wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-01T14:15:06.506Z

Reserved: 2026-03-09T15:48:24.140Z

Link: CVE-2026-31779

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-01T15:16:41.330

Modified: 2026-05-01T15:24:14.893

Link: CVE-2026-31779

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-01T17:30:05Z

Weaknesses

No weakness.