CVE-2026-23315
Received Received - Intake
Out-of-Bounds Access in Linux mt76 WiFi Driver Fixed

Publication date: 2026-03-25

Last updated on: 2026-04-23

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. [fix check to also cover mgmt->u.action.u.addba_req.capab, correct Fixes tag]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-04-23
Generated
2026-06-16
AI Q&A
2026-03-25
EPSS Evaluated
2026-06-15
NVD
CVE-2026-23315
EUVD
EUVD-2026-15261
Affected Vendors & Products
Showing 13 associated CPEs
Vendor Product Version / Range
linux linux_kernel 5.10
linux linux_kernel From 6.19 (inc) to 6.19.7 (exc)
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 5.10.1 (inc) to 6.1.167 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.17 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.130 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.77 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's wifi driver mt76, specifically in the function mt76_connac2_mac_write_txwi_80211. It involves a possible out-of-bounds (oob) access due to insufficient checking of the frame length before accessing management fields.

The fix involves adding a check on the frame length to ensure safe access to the management fields, preventing potential out-of-bounds memory access.

Impact Analysis

A possible out-of-bounds access vulnerability can lead to memory corruption, which might cause system instability, crashes, or potentially allow an attacker to execute arbitrary code or escalate privileges.

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the mt76 driver, specifically addressing the out-of-bounds access in mt76_connac2_mac_write_txwi_80211.

This fix involves checking the frame length before accessing management fields to avoid possible out-of-bounds access.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23315. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart