CVE-2026-46136
Buffer Length Underflow in Linux Kernel mt76 WiFi Driver
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
| linux_kernel | linux_kernel | * |
| linux_kernel | mt76 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's wifi driver for the mt76 chipset, specifically the mt7921 model. It involves a potential buffer length underflow in the country power setting retrieval process. The buffer length (buf_len) is used to limit iterations when retrieving power settings, but under certain conditions related to changes in the power table in CLC, this length can underflow.
This underflow can cause an almost infinite loop or result in an invalid power setting, which leads to failure during the driver initialization.
How can this vulnerability impact me? :
The impact of this vulnerability is that the wifi driver for the mt7921 chipset may fail to initialize properly due to an infinite loop or invalid power settings caused by the buffer length underflow.
This could result in loss of wifi functionality or instability in systems using this driver, potentially affecting connectivity and network-dependent operations.