CVE-2026-46136

HIGH

wifi: mt76: mt7921: fix a potential clc buffer length underflow

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buf_len is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in CLC. This underflow leads to an almost infinite loop or an invalid power setting resulting in driver initialization failure.

Scores

CVSS v3 7.8
EPSS 0.0013
EPSS Percentile 2.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (27)
linux/Kernel < 6.1.175linux
linux/Kernel 6.13.0 - 7.0.7linux
linux/Kernel 6.2.0 - 6.6.140linux
linux/Kernel 6.7.0 - 6.12.88linux
linux/Kernel 6.8.0 - 6.18.30linux
Linux/Linux < 6.8
Linux/Linux 0c9318d49e501a5d50b02bd91a4813bde2353488
Linux/Linux 0c9318d49e501a5d50b02bd91a4813bde2353488 - 2a79b1a492bcfa725383b6580cd93a6862308c85
Linux/Linux 15173a1697236793e9e900b82fece6f99d41b2a7 - e451c325b000b9a0081fd93bc6d103d6943d4b55
Linux/Linux 5c8cac512844ad593d31258e215908014381bee2
... and 17 more
Published May 28, 2026
Tracked Since May 28, 2026