CVE-2026-43110

HIGH 8.8

wifi: brcmfmac: validate bsscfg indices in IF events

CVSS Score

8.8

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events brcmf_fweh_handle_if_event() validates the firmware-provided interface index before it touches drvr->iflist[], but it still uses the raw bsscfgidx field as an array index without a matching range check. Reject IF events whose bsscfg index does not fit in drvr->iflist[] before indexing the interface array. [add missing wifi prefix]

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 6, 2026
Last Updated	Jun 1, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Linux / Linux

2880b86859967af710c72f7d34fb421a86a71e22 < b329fbcf075949a038045d8e9b86ae3d5bbd8a54 2880b86859967af710c72f7d34fb421a86a71e22 < 2ae3ccb78c0a9ef5ee3d80d02ab319ac1d5af734 2880b86859967af710c72f7d34fb421a86a71e22 < 9c81bcc2c695e0082012a2a3d36a0eefaa51579c 2880b86859967af710c72f7d34fb421a86a71e22 < 3ec7437e9d11374105c2c4e47ae671537729d7e6 2880b86859967af710c72f7d34fb421a86a71e22 < 9fca68c2512a362cad258e4df12a307bb2ee4b8e 2880b86859967af710c72f7d34fb421a86a71e22 < 1ae1e1caa428844e481231f6dbe9b4f475f1d52d 2880b86859967af710c72f7d34fb421a86a71e22 < b427c2b05222db36d32ee141609de6128e9091bb 2880b86859967af710c72f7d34fb421a86a71e22 < 304950a467d83678bd0b0f46331882e2ac23b12d

Linux / Linux

3.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗