CVE Catalog

CVE-2026-46125

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

22th percentile - higher than 22% of all known CVEs

Summary

In the Linux kernel's mac80211 subsystem, a vulnerability was found where a station is not removed after a failed MLO connection preparation. This leads to a use-after-free or double-free in debugfs when the interface is reset from MLD mode.

Risk Assessment

The organization is at risk of system crashes or potential code execution by an attacker exploiting the use-after-free bug in the WiFi driver.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit 0c2b6c2a5c1e) and reboot the system to load the new kernel.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection preparation fails for MLO connections, then the interface is completely reset to non-MLD. In this case, we must not keep the station since it's related to the link of the vif being removed. Delete an existing station. Any "new_sta" is already being removed, so that doesn't need changes. This fixes a use-after-free/double-free in debugfs if that's enabled, because a vif going from MLD (and to MLD, but that's not relevant here) recreates its entire debugfs.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS