CVE-2026-46271
Analyzed Analyzed - Analysis Complete

Wi-Fi WoW Offload Crash in Ath12k Driver

Vulnerability report for CVE-2026-46271, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-03

Last updated on: 2026-06-09

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it. Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.1.c5-00284-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-03
Last Modified
2026-06-09
Generated
2026-07-14
AI Q&A
2026-06-03
EPSS Evaluated
2026-07-12
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.19 (inc) to 6.19.4 (exc)
linux linux_kernel From 6.16 (inc) to 6.18.14 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's wifi driver for ath12k devices. Specifically, when a multi-link connection is used, the WCN7850 firmware crashes because Wake on Wireless (WoW) offloads are enabled on both the primary and secondary links. The fix involves enabling WoW offloads only on the primary link to prevent the firmware crash.

Impact Analysis

If you are using a device with the WCN7850 firmware and a multi-link wifi connection, this vulnerability can cause the firmware to crash. This could lead to loss of wireless connectivity or instability in your network connection.

Mitigation Strategies

To mitigate this vulnerability, ensure that WoW (Wake on Wireless) offloads are enabled only on the primary link in multi-link connections for devices using the WCN7850 firmware.

This can be achieved by updating the Linux kernel to a version that includes the fix where WoW offloads are restricted to the primary link, preventing firmware crashes.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46271. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart