{"id":"CVE-2024-26610","summary":"wifi: iwlwifi: fix a memory corruption","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we'll write past the buffer.","modified":"2026-05-28T03:54:02.881177999Z","published":"2024-02-29T15:52:15.796Z","related":["SUSE-SU-2024:1641-1","SUSE-SU-2024:1642-1","SUSE-SU-2024:1644-1","SUSE-SU-2024:1645-1","SUSE-SU-2024:1647-1","SUSE-SU-2024:1659-1","SUSE-SU-2024:1663-1","SUSE-SU-2024:1677-1","SUSE-SU-2024:1679-1","SUSE-SU-2024:1680-1","SUSE-SU-2024:1682-1","SUSE-SU-2024:1683-1","SUSE-SU-2024:1685-1","SUSE-SU-2024:1695-1","SUSE-SU-2024:1696-1","SUSE-SU-2024:1705-1","SUSE-SU-2024:1706-1","SUSE-SU-2024:1707-1","SUSE-SU-2024:1708-1","SUSE-SU-2024:1711-1","SUSE-SU-2024:1720-1","SUSE-SU-2024:1723-1","SUSE-SU-2024:1726-1","SUSE-SU-2024:1731-1","SUSE-SU-2024:1732-1","SUSE-SU-2024:1736-1","SUSE-SU-2024:1738-1","SUSE-SU-2024:1739-1","SUSE-SU-2024:1740-1","SUSE-SU-2024:1746-1","SUSE-SU-2024:1748-1","SUSE-SU-2024:1749-1","SUSE-SU-2024:1750-1","SUSE-SU-2024:1751-1","SUSE-SU-2024:1753-1","SUSE-SU-2024:1757-1","SUSE-SU-2024:1759-1","SUSE-SU-2024:1760-1","SUSE-SU-2024:2092-1","SUSE-SU-2024:2100-1","SUSE-SU-2024:2101-1","SUSE-SU-2024:2139-1","SUSE-SU-2024:2148-1","SUSE-SU-2024:2162-1","SUSE-SU-2024:2163-1","SUSE-SU-2024:2191-1","SUSE-SU-2024:2207-1","SUSE-SU-2024:2208-1","SUSE-SU-2024:2209-1","SUSE-SU-2024:2335-1","SUSE-SU-2024:2337-1","SUSE-SU-2024:2357-1","SUSE-SU-2024:2373-1","SUSE-SU-2024:2382-1","SUSE-SU-2024:2446-1","SUSE-SU-2024:2447-1","SUSE-SU-2024:2448-1","SUSE-SU-2024:2472-1","SUSE-SU-2024:2473-1","SUSE-SU-2024:2722-1","SUSE-SU-2024:2725-1","SUSE-SU-2024:2751-1","SUSE-SU-2024:2755-1","SUSE-SU-2024:2773-1","SUSE-SU-2024:2824-1","SUSE-SU-2024:2825-1","SUSE-SU-2024:2840-1","SUSE-SU-2024:2843-1","SUSE-SU-2024:2850-1","SUSE-SU-2024:2851-1","SUSE-SU-2024:3034-1","SUSE-SU-2024:3048-1","SUSE-SU-2024:3318-1","SUSE-SU-2024:3336-1","SUSE-SU-2024:3347-1","SUSE-SU-2024:3348-1","SUSE-SU-2024:3368-1","SUSE-SU-2024:3375-1","SUSE-SU-2024:3379-1","SUSE-SU-2024:3399-1","SUSE-SU-2024:3623-1","SUSE-SU-2024:3631-1","SUSE-SU-2024:3639-1","SUSE-SU-2024:3651-1","SUSE-SU-2024:3652-1","SUSE-SU-2024:3679-1","SUSE-SU-2024:3694-1","SUSE-SU-2024:3695-1","SUSE-SU-2024:3696-1","SUSE-SU-2024:3697-1","SUSE-SU-2024:3793-1","SUSE-SU-2024:3798-1","SUSE-SU-2024:3814-1","SUSE-SU-2024:3815-1","SUSE-SU-2024:3829-1","SUSE-SU-2024:3830-1","SUSE-SU-2024:3837-1","SUSE-SU-2024:3842-1","SUSE-SU-2024:3851-1","SUSE-SU-2024:3852-1","SUSE-SU-2024:3855-1","SUSE-SU-2024:4122-1","SUSE-SU-2024:4123-1","SUSE-SU-2024:4124-1","SUSE-SU-2024:4214-1","SUSE-SU-2024:4216-1","SUSE-SU-2024:4218-1","SUSE-SU-2024:4234-1","SUSE-SU-2024:4235-1","SUSE-SU-2024:4256-1","SUSE-SU-2024:4264-1","SUSE-SU-2024:4266-1","SUSE-SU-2025:0101-1","SUSE-SU-2025:0106-1","SUSE-SU-2025:0107-1","SUSE-SU-2025:0109-1","SUSE-SU-2025:0114-1","SUSE-SU-2025:0115-1","SUSE-SU-2025:0150-1","SUSE-SU-2025:0158-1","SUSE-SU-2025:0240-1","SUSE-SU-2025:0244-1","SUSE-SU-2025:0248-1","SUSE-SU-2025:0251-1","SUSE-SU-2025:0252-1","SUSE-SU-2025:0253-1","SUSE-SU-2025:0261-1","SUSE-SU-2025:0266-1","USN-6818-2","USN-6819-2"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26610.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/05dd9facfb9a1e056752c0901c6e86416037d15a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/870171899d75d43e3d14360f3a4850e90a9c289b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/99a23462fe1a6f709f0fda3ebbe8b6b193ac75bd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aa2cc9363926991ba74411e3aa0a0ea82c1ffe32"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26610.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26610"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"cf29c5b66b9f83939367d90679eb68cdfa2f0356"},{"fixed":"05dd9facfb9a1e056752c0901c6e86416037d15a"},{"fixed":"99a23462fe1a6f709f0fda3ebbe8b6b193ac75bd"},{"fixed":"aa2cc9363926991ba74411e3aa0a0ea82c1ffe32"},{"fixed":"870171899d75d43e3d14360f3a4850e90a9c289b"},{"fixed":"f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67"},{"fixed":"cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26610.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.210"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.149"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.76"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.15"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.7.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26610.json"}}],"schema_version":"1.7.5"}