CVE-2026-43052
Buffer Overflow in Linux Kernel WiFi Subsystem
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's wifi mac80211 component, specifically in the handling of the TDLS (Tunneled Direct Link Setup) flag within the ieee80211_tdls_oper function.
When the NL80211_TDLS_ENABLE_LINK operation is called, the code only verifies if the station exists but does not confirm whether the station is actually a TDLS station.
Because of this missing check, the operation can proceed for non-TDLS stations, which leads to unintended side effects such as modifying the channel context and HT protection settings before the operation ultimately fails.
The fix involves adding an early check for the TDLS flag (sta->sta.tdls) in the ENABLE_LINK case to ensure that the operation is only allowed for actual TDLS peers, preventing these side effects.
How can this vulnerability impact me? :
This vulnerability can cause unintended modifications to the wireless channel context and HT protection settings when the system mistakenly treats non-TDLS stations as TDLS peers.
Such unintended side effects could potentially disrupt normal wireless communication or degrade network performance by altering wireless parameters incorrectly.
However, the operation eventually fails, so the impact may be limited to temporary misconfigurations or instability in the wireless connection.