Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration link_id is taken from the ML Reconfiguration element (control & 0x000f), so it can be 0..15. link_removal_timeout[] has IEEE80211_MLD_MAX_NUM_LINKS (15) elements, so index 15 is out-of-bounds. Skip subelements with link_id >= IEEE80211_MLD_MAX_NUM_LINKS to avoid a stack out-of-bounds write.

INFO

Published Date :

2026-03-18T10:05:08.312Z

Last Modified :

2026-04-13T06:03:03.529Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23246 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23246.

URL Resource
https://git.kernel.org/stable/c/162d331d833dc73a3e905a24c44dd33732af1fc5 cve-icon cve-icon
https://git.kernel.org/stable/c/650981e718e68005ca2760a6358134b8a98ebea4 cve-icon cve-icon
https://git.kernel.org/stable/c/bfde158d5d1322c0c2df398a8d1ccce04943be2e cve-icon cve-icon
https://git.kernel.org/stable/c/d58d71c2167601762351962b9604808d3be94400 cve-icon cve-icon
https://git.kernel.org/stable/c/f35ceec54d48e227fa46f8f97fd100a77b8eab15 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026031817-CVE-2026-23246-d29e@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23246 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23246 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact