CVE-2026-31779 Linux CVE debrief

Who should care

Linux kernel maintainers, distribution security teams, and operators of systems that use Intel Wi‑Fi hardware and the iwlwifi driver should care most. Security teams managing desktops, laptops, and embedded devices with active wireless use should prioritize validation and patch rollout.

Technical summary

The flaw is described as a potential out-of-bounds read in iwl_mvm_nd_match_info_handler(). The root issue is that memcpy assumes notif->matches is large enough for the bytes being copied; if the packet length checks are not strict enough, results->matches may contain unintended data. NVD maps the issue to CWE-125 and lists CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H.

Defensive priority

High. The CVSS score is 8.1 and the attack vector is adjacent, which makes timely patching important for any environment that exposes Intel wireless networking on Linux systems.

Recommended defensive actions

• Apply the Linux kernel fixes referenced by NVD for CVE-2026-31779.
• Prioritize patched kernel builds for affected branches listed by NVD, including 6.1, 6.2, 6.7, 6.13, 6.19, and 7.0 release candidates.
• If immediate patching is not possible, reduce exposure by limiting unnecessary wireless operation on vulnerable systems where operationally feasible.
• Track vendor kernel backports from your distribution, since this is a kernel driver issue and fixes may arrive through distro security updates.
• Verify deployed kernels against the affected version ranges before declaring systems remediated.

Evidence notes

All statements are based on the supplied CVE description and NVD metadata. NVD identifies the weakness as CWE-125 and provides CVSS vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H. NVD also lists affected kernel version ranges and multiple stable.kernel.org patch references. No exploit details beyond the provided description are included.

Official resources