CVE-2026-23325 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()

🗓️ 25 Mar 2026 10:27:18Reported by LinuxType

Fixed out-of-bounds access in mt7996_mac_write_txwi_80211 by validating frame length.

Reporter	Title	Published	Views	Family All 38
ATTACKERKB	CVE-2026-23325	25 Mar 202610:27	–	attackerkb
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
Circl	CVE-2026-23325	23 Apr 202623:26	–	circl
CNNVD	Linux kernel 安全漏洞	25 Mar 202600:00	–	cnnvd
CVE	CVE-2026-23325	25 Mar 202610:27	–	cve
Debian	[SECURITY] [DSA 6238-1] linux security update	30 Apr 202620:05	–	debian
Debian CVE	CVE-2026-23325	25 Mar 202610:27	–	debiancve
Tenable Nessus	Debian dsa-6238 : ata-modules-6.12.74+deb13+1-armmp-di - security update	30 Apr 202600:00	–	nessus
Tenable Nessus	openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20826-1)	1 Jun 202600:00	–	nessus
Tenable Nessus	SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21845-1)	8 Jun 202600:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/wireless/mediatek/mt76/mt7996/mac.c"
    ],
    "versions": [
      {
        "version": "98686cd21624c75a043e96812beadddf4f6f48e5",
        "lessThan": "a6605f61913155e130bfd04d438c3ce1a572fb0f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98686cd21624c75a043e96812beadddf4f6f48e5",
        "lessThan": "ca1adc04fc2cb1d9f1842e429debe6a520d54966",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98686cd21624c75a043e96812beadddf4f6f48e5",
        "lessThan": "f4cdf6b43689e901a341e7147fcfb25057c38eae",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98686cd21624c75a043e96812beadddf4f6f48e5",
        "lessThan": "45661d22639c4b747ef1bd0822b8e76e421a808a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "98686cd21624c75a043e96812beadddf4f6f48e5",
        "lessThan": "60862846308627e9e15546bb647a00de44deb27b",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/wireless/mediatek/mt76/mt7996/mac.c"
    ],
    "versions": [
      {
        "version": "6.2",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.2",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.130",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.77",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.17",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.7",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/45661d22639c4b747ef1bd0822b8e76e421a808a
git	www.git.kernel.org/stable/c/ca1adc04fc2cb1d9f1842e429debe6a520d54966
git	www.git.kernel.org/stable/c/a6605f61913155e130bfd04d438c3ce1a572fb0f
git	www.git.kernel.org/stable/c/f4cdf6b43689e901a341e7147fcfb25057c38eae
git	www.git.kernel.org/stable/c/60862846308627e9e15546bb647a00de44deb27b

11 May 2026 22:04Current

EPSS0.00018