CVE-2026-23325 PUBLISHED

wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()

Assigner: Linux
Reserved: 13.01.2026 Published: 25.03.2026 Updated: 25.03.2026

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()

Check frame length before accessing the mgmt fields in mt7996_mac_write_txwi_80211 in order to avoid a possible oob access.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 98686cd21624c75a043e96812beadddf4f6f48e5 to a6605f61913155e130bfd04d438c3ce1a572fb0f (excl.)
  • affected from 98686cd21624c75a043e96812beadddf4f6f48e5 to ca1adc04fc2cb1d9f1842e429debe6a520d54966 (excl.)
  • affected from 98686cd21624c75a043e96812beadddf4f6f48e5 to f4cdf6b43689e901a341e7147fcfb25057c38eae (excl.)
  • affected from 98686cd21624c75a043e96812beadddf4f6f48e5 to 45661d22639c4b747ef1bd0822b8e76e421a808a (excl.)
  • affected from 98686cd21624c75a043e96812beadddf4f6f48e5 to 60862846308627e9e15546bb647a00de44deb27b (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.2 is affected
  • unaffected from 0 to 6.2 (excl.)
  • unaffected from 6.6.130 to 6.6.* (incl.)
  • unaffected from 6.12.77 to 6.12.* (incl.)
  • unaffected from 6.18.17 to 6.18.* (incl.)
  • unaffected from 6.19.7 to 6.19.* (incl.)
  • unaffected from 7.0-rc3 to * (incl.)

References