wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()

...

UBUNTU-CVE-2026-23325

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...

CVE-2026-23363

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix possible oob access in mt7925macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7925macwritetxwi80211 in order to avoid a possible oob access...

CVE-2026-23325

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...

PT-2026-27728

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s wifi subsystem, specifically within the mt76 and mt7925 components. The issue involves a potential out-of-bounds access within the mt7925 mac write tx...

CVE-2023-53203

CVE-2023-53203 concerns the Linux kernel MT7996/MT76 WiFi driver. A NULL pointer dereference in mt7996_mac_write_txwi() of the vif pointer is mitigated by exporting and reusing the mt76_connac2_mac_tx_rate_val utility, applied in the mt7996 driver. The fix is kernel-side (export utility and integ...

PT-2025-37645

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential NULL pointer dereference issue was identified and resolved in the mt7996 mac write txwi function when handling the vif pointer within the mt76 and mt7996 drivers. The fix...