CVE-2026-43172 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix 22000 series SMEM parsing If the firmware were to report three LMACs (which doesn't exist in hardware) then using "fwrt->smem_cfg.lmac[2]" is an overrun of the array. Reject such and use IWL_FW_CHECK instead of WARN_ON in this function.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-06 | Updated 2026-05-08 | Assigner Linux

HIGH: 8.8CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product status

Default status

unaffected

ebfa7f8ae155c9a0bb2e4038d6b5d8b14881c424 (git) before 1d49a42717bdc8de77eabeb5b7d3e88d141ffea9

affected

ebfa7f8ae155c9a0bb2e4038d6b5d8b14881c424 (git) before 2b4b1510aaaf5b9fb57327ecffc20c055f61f205

affected

ebfa7f8ae155c9a0bb2e4038d6b5d8b14881c424 (git) before 58192b9ce09b0f0f86e2036683bd542130b91a98

affected

Default status

affected

5.8

affected

Any version before 5.8

unaffected

6.18.16 (semver)

unaffected

6.19.6 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/1d49a42717bdc8de77eabeb5b7d3e88d141ffea9

git.kernel.org/...c/2b4b1510aaaf5b9fb57327ecffc20c055f61f205

git.kernel.org/...c/58192b9ce09b0f0f86e2036683bd542130b91a98

cve.org (CVE-2026-43172)

nvd.nist.gov (CVE-2026-43172)

Download JSON

help @ threatint.eu