{"id":"CVE-2026-23315","summary":"wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()\n\nCheck frame length before accessing the mgmt fields in\nmt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob\naccess.\n\n[fix check to also cover mgmt-\u003eu.action.u.addba_req.capab,\ncorrect Fixes tag]","modified":"2026-04-02T13:12:21.040952Z","published":"2026-03-25T10:27:10.115Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23315.json","cna_assigner":"Linux"},"references":[{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"},{"type":"WEB","url":"https://git.kernel.org/stable/c/0fb3b94a9431a3800717e5c3b6fa2e1045a15029"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4e10a730d1b511ff49723371ed6d694dd1b2c785"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7ae7b093b7dba9548a3bc4766b9364b97db4732d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7b692dff8df0ba5feb8df00f27d906d6eb1fe627"},{"type":"WEB","url":"https://git.kernel.org/stable/c/84419556359bc96d3fe1623d47a64c86542566cc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9612d91f617231e03c49cb9b0c02f975a3b4f51f"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23315.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23315"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"577dbc6c656da6997dddc6cf842b7954588f2d4e"},{"fixed":"84419556359bc96d3fe1623d47a64c86542566cc"},{"fixed":"7ae7b093b7dba9548a3bc4766b9364b97db4732d"},{"fixed":"7b692dff8df0ba5feb8df00f27d906d6eb1fe627"},{"fixed":"9612d91f617231e03c49cb9b0c02f975a3b4f51f"},{"fixed":"0fb3b94a9431a3800717e5c3b6fa2e1045a15029"},{"fixed":"4e10a730d1b511ff49723371ed6d694dd1b2c785"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23315.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.10.0"},{"fixed":"6.1.167"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.130"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.77"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.17"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23315.json"}}],"schema_version":"1.7.5"}