CVE-2026-53022

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populate_enum_data() aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individual source string but then appends every string and separator with raw strcat() and no remaining-space check. Switch the aggregation loops to a bounded append helper and reject enumeration packages whose combined strings do not fit in the destination buffers. [ij: add include]
CVSS

No CVSS.

Configurations

No configuration.

History

24 Jun 2026, 17:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-24 17:17

Updated : 2026-06-24 17:17


NVD link : CVE-2026-53022

Mitre link : CVE-2026-53022

CVE.ORG link : CVE-2026-53022


JSON object : View

Products Affected

No product.

CWE

No CWE.