CVE-2026-43052 PUBLISHED

wifi: mac80211: check tdls flag in ieee80211_tdls_oper

Assigner: Linux
Reserved: 01.05.2026 Published: 01.05.2026 Updated: 02.05.2026

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: check tdls flag in ieee80211_tdls_oper

When NL80211_TDLS_ENABLE_LINK is called, the code only checks if the station exists but not whether it is actually a TDLS station. This allows the operation to proceed for non-TDLS stations, causing unintended side effects like modifying channel context and HT protection before failing.

Add a check for sta->sta.tdls early in the ENABLE_LINK case, before any side effects occur, to ensure the operation is only allowed for actual TDLS peers.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 941c93cd039852b7ab02c74f4698c99d82bd6cfe to 8148c2fda4ebb17104a573649c9b699208ad10ee (excl.)
  • affected from 941c93cd039852b7ab02c74f4698c99d82bd6cfe to be81f17151fcb8546a95f35ca8f4231b065985de (excl.)
  • affected from 941c93cd039852b7ab02c74f4698c99d82bd6cfe to e77b2937aaa20264e4bd699d3244bdb50e7e3343 (excl.)
  • affected from 941c93cd039852b7ab02c74f4698c99d82bd6cfe to 7d73872d949c488a1d7c308031d6a9d89b5e0a8b (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 3.2 is affected
  • unaffected from 0 to 3.2 (excl.)
  • unaffected from 6.12.81 to 6.12.* (incl.)
  • unaffected from 6.18.22 to 6.18.* (incl.)
  • unaffected from 6.19.12 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References