CVE-2026-22978

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-22978
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-22978.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-22978
Downstream
Related
Published
2026-01-23T15:24:00.482Z
Modified
2026-03-20T12:47:17.695577Z
Summary
wifi: avoid kernel-infoleak from struct iw_point
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: avoid kernel-infoleak from struct iw_point

struct iw_point has a 32bit hole on 64bit arches.

struct iw_point { void __user pointer; / Pointer to the data (in user space) / __u16 length; / number of fields or size in bytes / __u16 flags; / Optional params */ };

Make sure to zero the structure to avoid disclosing 32bits of kernel data to user space.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22978.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4
Fixed
d943b5f592767b107ba8c12a902f17431350378c
Fixed
a3827e310b5a73535646ef4a552d53b3c8bf74f6
Fixed
442ceac0393185e9982323f6682a52a53e8462b1
Fixed
d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8
Fixed
024f71a57d563fbe162e528c8bf2d27e9cac7c7b
Fixed
e3c35177103ead4658b8a62f41e3080d45885464
Fixed
21cbf883d073abbfe09e3924466aa5e0449e7261

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-22978.json"