CVE-2026-23325

HIGH

wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt7996_mac_write_txwi_80211 in order to avoid a possible oob access.

References (5)

https://git.kernel.org/stable/c/a6605f61913155e130bfd04d438c3ce1a572fb0f

https://git.kernel.org/stable/c/ca1adc04fc2cb1d9f1842e429debe6a520d54966

https://git.kernel.org/stable/c/f4cdf6b43689e901a341e7147fcfb25057c38eae

https://git.kernel.org/stable/c/45661d22639c4b747ef1bd0822b8e76e421a808a

https://git.kernel.org/stable/c/60862846308627e9e15546bb647a00de44deb27b

Scores

CVSS v3 7.1

EPSS 0.0001

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (20)

linux/Kernel 6.13.0 - 6.18.17linux

linux/Kernel 6.19.0 - 6.19.7linux

linux/Kernel 6.2.0 - 6.6.130linux

linux/Kernel 6.7.0 - 6.12.77linux

Linux/Linux < 6.2

Linux/Linux 6.12.77 - 6.12.*

Linux/Linux 6.18.17 - 6.18.*

Linux/Linux 6.19.7 - 6.19.*

Linux/Linux 6.2

Linux/Linux 6.6.130 - 6.6.*

... and 10 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026