By weakness (CWE)

CWE-787: related vulnerabilities

CVEs classified under CWE-787. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

3 published vulnerabilities

  • CVE-2026-46136HIGH 7.8

    A flaw in the Linux kernel's MT7921 Wi-Fi driver can cause a buffer length counter to drop below zero under specific conditions when the driver processes country power settings from the Carrier List Configuration (CLC). This underflow triggers either an excessive loop that nearly hangs the system or applies an invalid power setting, preventing the driver from initializing properly. An attacker with local access could exploit this to degrade Wi-Fi functionality or trigger a denial of service.

  • CVE-2026-46145HIGH 7.8

    CVE-2026-46145 is a memory corruption vulnerability in the Linux kernel's RDMA/mana driver. An unprivileged local user can manipulate a parameter called rx_hash_key_len from user space to cause an unbounded memory copy operation, corrupting kernel memory. The vulnerability stems from insufficient validation of user-supplied input before it is passed to a memory copy function, creating a path for local privilege escalation or system crash.

  • CVE-2026-46123HIGH 7.7

    A vulnerability in the Linux kernel's Bluetooth virtio backend driver allows a malicious or buggy virtual device to expose uninitialized kernel memory to unprivileged processes. The driver fails to properly validate the length of data reported by the virtual device, permitting reads beyond the intended 1000-byte receive buffer. An attacker with the ability to control a virtio Bluetooth backend—such as a compromised hypervisor or malicious VM—can leak sensitive kernel heap data or trigger denial of service. This is a local attack requiring some form of device emulation control, but it directly compromises memory isolation guarantees in virtualized environments.