CVE-2026-22978

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the iw point structure within the Wi-Fi subsystem. The iw point structure contains a 32-bit hole on 64-bit architectures. This can lead to the disclosure of 32 bits of kernel data to user space. The issue arises because the structure is not properly zeroed, potentially exposing sensitive kernel information. The structure iw point includes the following members: pointer (a pointer to data in user space), length (the number of fields or size in bytes), and flags (optional parameters).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

AZL-78452

CVE-2026-22978

ECHO-6D76-ABAA-B039

OESA-2026-1760

OPENSUSE-SU-2026:20287-1

SUSE-SU-2026:0447-1

SUSE-SU-2026:0472-1

SUSE-SU-2026:0473-1

SUSE-SU-2026:0587-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20555-1

SUSE-SU-2026:20599-1

SUSE-SU-2026:20615-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

USN-8096-1

USN-8096-2

USN-8096-3

USN-8096-4

USN-8096-5

USN-8116-1

USN-8141-1

USN-8163-1

USN-8163-2

USN-8243-1

USN-8278-1

USN-8278-2

USN-8289-1

USN-8289-2

USN-8296-1

USN-8296-2

Affected Products

Linuxmint

Linux Kernel

Ubuntu

CVE-2026-22978

Related Identifiers

Affected Products

References · 2455