CVE-2026-31780 in Linux정보

요약

\~에 의해 MITRE • 2026. 05. 01.

In the Linux kernel, the following vulnerability has been resolved:

wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation

The variable valuesize is declared as u8 but accumulates the total length of all SSIDs to scan. Each SSID contributes up to 33 bytes (IEEE80211_MAX_SSID_LEN + 1), and with WILC_MAX_NUM_PROBED_SSID (10) SSIDs the total can reach 330, which wraps around to 74 when stored in a u8.

This causes kmalloc to allocate only 75 bytes while the subsequent memcpy writes up to 331 bytes into the buffer, resulting in a 256-byte heap buffer overflow.

Widen valuesize from u8 to u32 to accommodate the full range.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

Linux

예약하다

2026. 03. 09.

공개

2026. 05. 01.

모더레이션

수락

항목

VDB-360685

CPE

준비됨

CWE

CWE-120 (확인됨)

CVSS

8.0 (VulDB)

EPSS

0.00015

KEV

아니요

활동

매우 낮음

부문

Lawfirm, Hospital, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-31780
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-31780
CVE Details	https://www.cvedetails.com/cve/CVE-2026-31780/

◂ 이전 개요 다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!