CVE-2026-46163 — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/cve-2026-46163/Trending threats, MITRE ATT&CK coverage, and detection metadata. Fed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 29 May 2026 07:24:51 +0000CVE-2026-46163 wifi: b43legacy Firmware Key Index Vulnerabilityhttps://feed.craftedsignal.io/briefs/2026-05-cve-2026-46163/Fri, 29 May 2026 07:24:51 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-cve-2026-46163/CVE-2026-46163 is a vulnerability in the b43legacy WiFi driver related to a missing bounds check on the firmware key index in the RX path, potentially leading to memory corruption.CVE-2026-46163 involves a security flaw within the b43legacy WiFi driver, specifically regarding the handling of firmware key indices during RX (receive) operations. The vulnerability stems from the absence of proper bounds checking on the firmware key index before it’s used to access memory. This oversight could allow an attacker to potentially read from or write to arbitrary memory locations, leading to denial-of-service, information disclosure, or potentially arbitrary code execution. Due to the low-level nature of the vulnerability, successful exploitation could have significant impact on the system’s stability and security. This vulnerability impacts systems utilizing the affected WiFi driver.

Attack Chain

  1. An attacker sends a maliciously crafted WiFi packet to the target device.
  2. The device’s WiFi adapter receives the packet and passes it to the b43legacy driver.
  3. The driver attempts to process the received packet, including decrypting it using a key from the firmware.
  4. Due to the missing bounds check, a crafted packet provides an out-of-bounds key index value.
  5. The driver uses this invalid index to access the firmware key table.
  6. This leads to an out-of-bounds memory access.
  7. The out-of-bounds memory access results in a read or write to an unintended memory location.
  8. Depending on the memory location accessed, the attacker can trigger a denial-of-service condition or potentially execute arbitrary code.

Impact

Successful exploitation of CVE-2026-46163 can result in a denial-of-service condition due to a system crash. In more severe scenarios, an attacker could leverage this vulnerability to gain arbitrary code execution on the target system, potentially leading to complete system compromise. The number of potential victims depends on the prevalence of the vulnerable b43legacy WiFi driver and the attacker’s targeting scope.

Recommendation

  • Apply the security patch released by Microsoft to address CVE-2026-46163 immediately to prevent potential exploitation.
  • Monitor systems using the b43legacy WiFi driver for unusual activity, such as unexpected crashes or memory access violations.
  • Deploy the Sigma rules in this brief to your SIEM to detect potential exploitation attempts.
]]>highadvisorywifimemory corruptiondriver vulnerabilityCVE-2026-46163