{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22978", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.936Z", "datePublished": "2026-01-23T15:24:00.482Z", "dateUpdated": "2026-01-23T15:24:00.482Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-01-23T15:24:00.482Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: avoid kernel-infoleak from struct iw_point\n\nstruct iw_point has a 32bit hole on 64bit arches.\n\nstruct iw_point {\n void __user *pointer; /* Pointer to the data (in user space) */\n __u16 length; /* number of fields or size in bytes */\n __u16 flags; /* Optional params */\n};\n\nMake sure to zero the structure to avoid disclosing 32bits of kernel data\nto user space."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/wireless/wext-core.c", "net/wireless/wext-priv.c"], "versions": [{"version": "87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4", "lessThan": "d943b5f592767b107ba8c12a902f17431350378c", "status": "affected", "versionType": "git"}, {"version": "87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4", "lessThan": "a3827e310b5a73535646ef4a552d53b3c8bf74f6", "status": "affected", "versionType": "git"}, {"version": "87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4", "lessThan": "442ceac0393185e9982323f6682a52a53e8462b1", "status": "affected", "versionType": "git"}, {"version": "87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4", "lessThan": "d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8", "status": "affected", "versionType": "git"}, {"version": "87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4", "lessThan": "024f71a57d563fbe162e528c8bf2d27e9cac7c7b", "status": "affected", "versionType": "git"}, {"version": "87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4", "lessThan": "e3c35177103ead4658b8a62f41e3080d45885464", "status": "affected", "versionType": "git"}, {"version": "87de87d5e47f94b4ea647a5bd1bc8dc1f7930db4", "lessThan": "21cbf883d073abbfe09e3924466aa5e0449e7261", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/wireless/wext-core.c", "net/wireless/wext-priv.c"], "versions": [{"version": "2.6.27", "status": "affected"}, {"version": "0", "lessThan": "2.6.27", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.248", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.198", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.161", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.121", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.66", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.6", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "5.10.248"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "5.15.198"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.1.161"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.6.121"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.12.66"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.18.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.19-rc5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d943b5f592767b107ba8c12a902f17431350378c"}, {"url": "https://git.kernel.org/stable/c/a3827e310b5a73535646ef4a552d53b3c8bf74f6"}, {"url": "https://git.kernel.org/stable/c/442ceac0393185e9982323f6682a52a53e8462b1"}, {"url": "https://git.kernel.org/stable/c/d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8"}, {"url": "https://git.kernel.org/stable/c/024f71a57d563fbe162e528c8bf2d27e9cac7c7b"}, {"url": "https://git.kernel.org/stable/c/e3c35177103ead4658b8a62f41e3080d45885464"}, {"url": "https://git.kernel.org/stable/c/21cbf883d073abbfe09e3924466aa5e0449e7261"}], "title": "wifi: avoid kernel-infoleak from struct iw_point", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: avoid kernel-infoleak from struct iw_point\n\nstruct iw_point has a 32bit hole on 64bit arches.\n\nstruct iw_point {\n void __user *pointer; /* Pointer to the data (in user space) */\n __u16 length; /* number of fields or size in bytes */\n __u16 flags; /* Optional params */\n};\n\nMake sure to zero the structure to avoid disclosing 32bits of kernel data\nto user space."}], "id": "CVE-2026-22978", "lastModified": "2026-01-23T16:15:53.783", "metrics": {}, "published": "2026-01-23T16:15:53.783", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/024f71a57d563fbe162e528c8bf2d27e9cac7c7b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/21cbf883d073abbfe09e3924466aa5e0449e7261"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/442ceac0393185e9982323f6682a52a53e8462b1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a3827e310b5a73535646ef4a552d53b3c8bf74f6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d21ec867d84c9f3a9845d7d8c90c9ce35dbe48f8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d943b5f592767b107ba8c12a902f17431350378c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e3c35177103ead4658b8a62f41e3080d45885464"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{}