Description
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the mod_para parameter in the woal_init_module_param function.
Published: 2026-05-13
Score: 5.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A buffer overflow exists in the NXP moal.ko Wi‑Fi driver within the woal_init_module_param function, triggered by the mod_para parameter. This flaw can corrupt memory boundaries, allowing an attacker to overwrite control data and potentially execute arbitrary code with kernel privileges. Depending on the exact memory layout, the corruption could also lead to a denial‑of‑service by crashing the driver.

Affected Systems

The vulnerability affects NXP Wi‑Fi driver firmware versions from v17.92.1.p149.43 through v17.92.1.p149.157. Systems deploying these firmware releases, commonly found in embedded networking equipment and routers that use NXP’s wireless modules, are at risk.

Risk and Exploitability

The CVSS score of 5.6 indicates moderate severity, and the EPSS score is below 1%, suggesting a very low exploitation probability. The issue is not reported in the CISA KEV catalog, implying no confirmed public exploits yet. Driver parameters are often controllable by local users, so the attack vector is likely local but could be leveraged remotely if an attacker can influence module loading or configuration. Until a patched firmware is released, the risk remains significant for devices that allow the vulnerable module to be loaded with arbitrary parameters.

Generated by OpenCVE AI on May 14, 2026 at 17:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device’s Wi‑Fi firmware to a release that addresses the buffer overflow in moal.ko.
  • If an immediate firmware upgrade is not available, disable the ability to inject arbitrary values into mod_para by restricting module load parameters or set a known safe value via modprobe configuration.
  • Continuously monitor kernel logs and system stability for signs of crashes or unexpected behaviour that may indicate exploitation attempts.

Generated by OpenCVE AI on May 14, 2026 at 17:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 17 May 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Nxp
Nxp wi-fi Driver
Vendors & Products Nxp
Nxp wi-fi Driver

Thu, 14 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
Metrics cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Description NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the mod_para parameter in the woal_init_module_param function.
References

Subscriptions

Nxp Wi-fi Driver
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-14T15:46:36.625Z

Reserved: 2025-03-11T00:00:00.000Z

Link: CVE-2025-29338

cve-icon Vulnrichment

Updated: 2026-05-14T15:43:02.120Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-13T16:16:35.190

Modified: 2026-05-14T16:16:19.160

Link: CVE-2025-29338

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-17T19:42:17Z

Weaknesses