Out-of-Bounds Write Vulnerability in Zephyr's WireGuard Subsystem
CVE-2026-10665
7.4HIGH
What is CVE-2026-10665?
The vulnerability within the WireGuard subsystem in Zephyr allows for an out-of-bounds write due to improper handling of an attacker-derived data length. When processing inbound transport-data, the function wg_process_data_message() linearizes data into a fixed buffer based on a potentially manipulated length, which does not adhere to bounds defined within the underlying operations. This flaw can lead to remote memory corruption or denial of service, especially when triggered by a malicious peer or on-path attacker, negatively impacting system integrity and availability.
Affected Version(s)
zephyr 4.4.0 < 4.5.0
