Home

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. [fix check to also cover mgmt->u.action.u.addba_req.capab, correct Fixes tag]

PUBLISHED Reserved 2026-01-13 | Published 2026-03-25 | Updated 2026-05-11 | Assigner Linux

Product status

Default status
unaffected

577dbc6c656da6997dddc6cf842b7954588f2d4e (git) before 84419556359bc96d3fe1623d47a64c86542566cc
affected

577dbc6c656da6997dddc6cf842b7954588f2d4e (git) before 7ae7b093b7dba9548a3bc4766b9364b97db4732d
affected

577dbc6c656da6997dddc6cf842b7954588f2d4e (git) before 7b692dff8df0ba5feb8df00f27d906d6eb1fe627
affected

577dbc6c656da6997dddc6cf842b7954588f2d4e (git) before 9612d91f617231e03c49cb9b0c02f975a3b4f51f
affected

577dbc6c656da6997dddc6cf842b7954588f2d4e (git) before 0fb3b94a9431a3800717e5c3b6fa2e1045a15029
affected

577dbc6c656da6997dddc6cf842b7954588f2d4e (git) before 4e10a730d1b511ff49723371ed6d694dd1b2c785
affected

Default status
affected

5.10
affected

Any version before 5.10
unaffected

6.1.167 (semver)
unaffected

6.6.130 (semver)
unaffected

6.12.77 (semver)
unaffected

6.18.17 (semver)
unaffected

6.19.7 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/84419556359bc96d3fe1623d47a64c86542566cc

git.kernel.org/...c/7ae7b093b7dba9548a3bc4766b9364b97db4732d

git.kernel.org/...c/7b692dff8df0ba5feb8df00f27d906d6eb1fe627

git.kernel.org/...c/9612d91f617231e03c49cb9b0c02f975a3b4f51f

git.kernel.org/...c/0fb3b94a9431a3800717e5c3b6fa2e1045a15029

git.kernel.org/...c/4e10a730d1b511ff49723371ed6d694dd1b2c785

cve.org (CVE-2026-23315)

nvd.nist.gov (CVE-2026-23315)

Download JSON