CVE-2026-23246
Stack Out-of-Bounds Write in Linux mac80211 WiFi Component
Publication date: 2026-03-18
Last updated on: 2026-04-02
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's wifi mac80211 component, specifically in the handling of the ML Reconfiguration element. The issue arises because the link_id value, derived from the ML Reconfiguration element, can range from 0 to 15, but the array link_removal_timeout[] only has 15 elements (indexed 0 to 14). When link_id equals 15, it causes an out-of-bounds write on the stack. The fix involves skipping subelements where link_id is greater than or equal to the maximum allowed number of links to prevent this out-of-bounds write.
How can this vulnerability impact me? :
An out-of-bounds write vulnerability like this can lead to memory corruption, which may cause system instability, crashes, or potentially allow an attacker to execute arbitrary code with kernel privileges. This could compromise the security and reliability of the affected system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know