CVE-2026-23363
Out-of-Bounds Access in Linux mt7925 WiFi Driver Fixed
Publication date: 2026-03-25
Last updated on: 2026-04-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.7 |
| linux | linux_kernel | From 6.19 (inc) to 6.19.7 (exc) |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | 7.0 |
| linux | linux_kernel | From 6.13 (inc) to 6.18.17 (exc) |
| linux | linux_kernel | From 6.7.1 (inc) to 6.12.77 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's wifi driver for the mt7925 chipset. It involves a possible out-of-bounds (oob) memory access in the function mt7925_mac_write_txwi_80211. The issue arises because the frame length was not properly checked before accessing management fields, which could lead to accessing memory outside the intended bounds.
How can this vulnerability impact me? :
A possible out-of-bounds access vulnerability can lead to undefined behavior such as memory corruption, crashes, or potentially allow an attacker to execute arbitrary code or cause denial of service. The exact impact depends on how the vulnerability is exploited in the context of the Linux kernel's wifi driver.