Out-of-bounds Write in kernel-zfcpdump-devel-matched | CVE-2026-23246

Threat Intelligence

0.02% (6^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Out-of-bounds Write vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-RHEL10-KERNELZFCPDUMPDEVELMATCHED-15709304
published20 Mar 2026
disclosed18 Mar 2026

Report a new vulnerability Found a mistake?

Introduced: 18 Mar 2026

CVE-2026-23246 (opens in a new tab) CWE-787 (opens in a new tab)

Amendment

The Red Hat security team deemed this advisory irrelevant for RHEL:10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-zfcpdump-devel-matched package and not the kernel-zfcpdump-devel-matched package as distributed by RHEL.

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration

link_id is taken from the ML Reconfiguration element (control & 0x000f), so it can be 0..15. link_removal_timeout[] has IEEE80211_MLD_MAX_NUM_LINKS (15) elements, so index 15 is out-of-bounds. Skip subelements with link_id >= IEEE80211_MLD_MAX_NUM_LINKS to avoid a stack out-of-bounds write.

Out-of-bounds Write The advisory has been revoked - it doesn't affect any version of package kernel-zfcpdump-devel-matched (opens in a new tab)