CVE-2026-23152
Unknown Unknown - Not Provided
Buffer Overflow in Linux mac80211 TTLM Parsing Vulnerability

Publication date: 2026-02-14

Last updated on: 2026-03-17

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access points should not explicitly report an advertised TTLM with a default mapping as that is the implied mapping if the element is not included, this is even the case when switching back to the default mapping. However, mac80211 would incorrectly parse the frame and would also read one byte beyond the end of the element.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-14
Last Modified
2026-03-17
Generated
2026-06-16
AI Q&A
2026-02-14
EPSS Evaluated
2026-06-14
NVD
CVE-2026-23152
EUVD
EUVD-2026-5885
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 6.7 (inc) to 6.18.9 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's mac80211 wireless subsystem. It involves the incorrect decoding of TID-To-Link Mapping (TTLM) elements when a default link mapping is used. Specifically, TTLM elements do not include an indicator for the presence of a link mapping if the default mapping is applied, and parsing should be skipped in this case. However, mac80211 incorrectly parses such frames and reads one byte beyond the end of the TTLM element.

Impact Analysis

The vulnerability could lead to improper parsing of wireless frames in the Linux kernel, potentially causing unexpected behavior or memory access beyond intended boundaries. This could result in system instability, crashes, or potentially be exploited to execute arbitrary code or cause denial of service, depending on the context and attacker capabilities.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23152. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart