CVE-2026-23325

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt7996_mac_write_txwi_80211 in order to avoid a possible oob access.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/45661d22639c4b747ef1bd0822b8e76e421a808a	Patch
https://git.kernel.org/stable/c/60862846308627e9e15546bb647a00de44deb27b	Patch
https://git.kernel.org/stable/c/a6605f61913155e130bfd04d438c3ce1a572fb0f	Patch
https://git.kernel.org/stable/c/ca1adc04fc2cb1d9f1842e429debe6a520d54966	Patch
https://git.kernel.org/stable/c/f4cdf6b43689e901a341e7147fcfb25057c38eae	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.2:-::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc2::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc3::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc4::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc5::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc6::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc7::::::

History

23 Apr 2026, 21:11

Type	Values Removed	Values Added
First Time		Linux Linux linux Kernel
CPE		cpe:2.3:o:linux:linux_kernel:7.0:rc1:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc6:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc7:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:7.0:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.2:-:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc4:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc3:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc5::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.1
CWE		CWE-125
Summary		(es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: wifi: mt76: mt7996: Corrección de posible acceso fuera de límites en mt7996_mac_write_txwi_80211() Verificar la longitud del frame antes de acceder a los campos mgmt en mt7996_mac_write_txwi_80211 para evitar un posible acceso fuera de límites.
References	~~() https://git.kernel.org/stable/c/45661d22639c4b747ef1bd0822b8e76e421a808a -~~	() https://git.kernel.org/stable/c/45661d22639c4b747ef1bd0822b8e76e421a808a - Patch
References	~~() https://git.kernel.org/stable/c/60862846308627e9e15546bb647a00de44deb27b -~~	() https://git.kernel.org/stable/c/60862846308627e9e15546bb647a00de44deb27b - Patch
References	~~() https://git.kernel.org/stable/c/a6605f61913155e130bfd04d438c3ce1a572fb0f -~~	() https://git.kernel.org/stable/c/a6605f61913155e130bfd04d438c3ce1a572fb0f - Patch
References	~~() https://git.kernel.org/stable/c/ca1adc04fc2cb1d9f1842e429debe6a520d54966 -~~	() https://git.kernel.org/stable/c/ca1adc04fc2cb1d9f1842e429debe6a520d54966 - Patch
References	~~() https://git.kernel.org/stable/c/f4cdf6b43689e901a341e7147fcfb25057c38eae -~~	() https://git.kernel.org/stable/c/f4cdf6b43689e901a341e7147fcfb25057c38eae - Patch

25 Mar 2026, 11:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-25 11:16

Updated : 2026-04-23 21:11

NVD link : CVE-2026-23325

Mitre link : CVE-2026-23325

CVE.ORG link : CVE-2026-23325

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-125

Out-of-bounds Read

7.1 /10