7.8
CVE-2026-46122
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:37
- Zuletzt bearbeitet 24.06.2026 16:51:28
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
wifi: b43: enforce bounds check on firmware key index in b43_rx()
In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43_rx() The firmware-controlled key index in b43_rx() can exceed the dev->key[] array size (58 entries). The existing B43_WARN_ON is non-enforcing in production builds, allowing an out-of-bounds read. Make the B43_WARN_ON check enforcing by dropping the frame when the firmware returns an invalid key index.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.24 < 5.10.258
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.209
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.175
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.140
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.88
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.30
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.7
Linux ≫ Linux Kernel Version7.1 Updaterc1
Linux ≫ Linux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.029 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/c3d7b90dc95020cd9282c4630e402fe224f7644e
https://git.kernel.org/stable/c/1e9e55cf66f0fa4799f4d86ef3aaba8e606b5c14
https://git.kernel.org/stable/c/d7029879bafdac2006c67553807d122283dc6cbf
https://git.kernel.org/stable/c/219ba67e69e49681e48c822d6eaafb5def032f34
https://git.kernel.org/stable/c/1f4f78bf8549e6ac4f04fba4176854f3a6e0c332
https://git.kernel.org/stable/c/135cb49c9a42a02cceeac7b49ec03e267f7ed6d6
https://git.kernel.org/stable/c/3157ad40b084a8f3932da2641749ab45e99b933e
https://git.kernel.org/stable/c/765709720e6af9a178abc40244a8d1aa39ac4e71