CVE-2026-43172

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix 22000 series SMEM parsing If the firmware were to report three LMACs (which doesn't exist in hardware) then using "fwrt->smem_cfg.lmac[2]" is an overrun of the array. Reject such and use IWL_FW_CHECK instead of ...

high 8.8 CVSS 3.1

Published: May 6, 2026

Modified: May 8, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: fix 22000 series SMEM parsing

If the firmware were to report three LMACs (which doesn't
exist in hardware) then using "fwrt->smem_cfg.lmac[2]" is
an overrun of the array. Reject such and use IWL_FW_CHECK
instead of WARN_ON in this function.

References

https://git.kernel.org/stable/c/1d49a42717bdc8de77eabeb5b7d3e88d141ffea9
https://git.kernel.org/stable/c/2b4b1510aaaf5b9fb57327ecffc20c055f61f205
https://git.kernel.org/stable/c/58192b9ce09b0f0f86e2036683bd542130b91a98

Version	3.1
Score	8.8 / 10
Severity	high