-

CVE-2026-53022

platform/x86: dell-wmi-sysman: bound enumeration string aggregation

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: dell-wmi-sysman: bound enumeration string aggregation

populate_enum_data() aggregates firmware-provided value-modifier
and possible-value strings into fixed 512-byte struct members.
The current code bounds each individual source string but then
appends every string and separator with raw strcat() and no
remaining-space check.

Switch the aggregation loops to a bounded append helper and
reject enumeration packages whose combined strings do not fit
in the destination buffers.

[ij: add include]
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version e8a60aa7404bfef37705da5607c97737073ac38d
Version < 7b3dc1f764bf24eb99474a5de8173b0b43a8b071
Status affected
Version e8a60aa7404bfef37705da5607c97737073ac38d
Version < 75c738d4f27fa18a2a033de153bd40302bde6a66
Status affected
Version e8a60aa7404bfef37705da5607c97737073ac38d
Version < ba0843c1955864401295f7ba3b420afe19f2266d
Status affected
Version e8a60aa7404bfef37705da5607c97737073ac38d
Version < 5a04f9a36930792f6d64e28d43609e158d09b665
Status affected
Version e8a60aa7404bfef37705da5607c97737073ac38d
Version < c5683ca4949a514fbe656c6d0d08c4c126e21db9
Status affected
Version e8a60aa7404bfef37705da5607c97737073ac38d
Version < 90b118d264845f7aaf539ac49f7c75f1f29590e2
Status affected
Version e8a60aa7404bfef37705da5607c97737073ac38d
Version < 3c34471c26abc52a37f5ad90949e2e4b8027eb14
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.11
Status affected
Version 0
Version < 5.11
Status unaffected
Version <= 5.15.*
Version 5.15.209
Status unaffected
Version <= 6.1.*
Version 6.1.175
Status unaffected
Version <= 6.6.*
Version 6.6.141
Status unaffected
Version <= 6.12.*
Version 6.12.91
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.069
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/7b3dc1f764bf24eb99474a5de8173b0b43a8b071
https://git.kernel.org/stable/c/75c738d4f27fa18a2a033de153bd40302bde6a66
https://git.kernel.org/stable/c/ba0843c1955864401295f7ba3b420afe19f2266d
https://git.kernel.org/stable/c/5a04f9a36930792f6d64e28d43609e158d09b665
https://git.kernel.org/stable/c/c5683ca4949a514fbe656c6d0d08c4c126e21db9
https://git.kernel.org/stable/c/90b118d264845f7aaf539ac49f7c75f1f29590e2
https://git.kernel.org/stable/c/3c34471c26abc52a37f5ad90949e2e4b8027eb14