CVE-2026-46125 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection preparation fails for MLO connections, then the interface is completely reset to non-MLD. In this case, we must not keep the station since it's related to the link of the vif being removed. Delete an existing station. Any "new_sta" is already being removed, so that doesn't need changes. This fixes a use-after-free/double-free in debugfs if that's enabled, because a vif going from MLD (and to MLD, but that's not relevant here) recreates its entire debugfs.

PUBLISHED Reserved 2026-05-13 | Published 2026-05-28 | Updated 2026-05-30 | Assigner Linux

HIGH: 8.8CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product status

Default status

unaffected

81151ce462e533551f3284bfdb8e0f461c9220e6 (git) before fe75fa1ac9a92990f7fc3d34b17808fd933071b2

affected

81151ce462e533551f3284bfdb8e0f461c9220e6 (git) before afcbaed89cdc1a001b43270cbf5394bb4804270a

affected

81151ce462e533551f3284bfdb8e0f461c9220e6 (git) before 9e28654f79f443bca9b29ff3ae7cf18abfba58a0

affected

81151ce462e533551f3284bfdb8e0f461c9220e6 (git) before 1c2b72ea89882aeb948340498391e69c58d466f1

affected

81151ce462e533551f3284bfdb8e0f461c9220e6 (git) before 283fc9e44ff5b5ac967439b4951b80bd4299f4e4

affected

Default status

affected

6.0

affected

Any version before 6.0

unaffected

6.6.140 (semver)

unaffected

6.12.88 (semver)

unaffected

6.18.30 (semver)

unaffected

7.0.7 (semver)

unaffected

7.1-rc3 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/fe75fa1ac9a92990f7fc3d34b17808fd933071b2

git.kernel.org/...c/afcbaed89cdc1a001b43270cbf5394bb4804270a

git.kernel.org/...c/9e28654f79f443bca9b29ff3ae7cf18abfba58a0

git.kernel.org/...c/1c2b72ea89882aeb948340498391e69c58d466f1

git.kernel.org/...c/283fc9e44ff5b5ac967439b4951b80bd4299f4e4

cve.org (CVE-2026-46125)

nvd.nist.gov (CVE-2026-46125)

Download JSON

help @ threatint.eu