CVE-2026-46166
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk10th percentile - higher than 10% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the mac80211 subsystem due to unsafe list iteration in the radar detect work function. Calling ieee80211_dfs_cac_cancel can free and remove the iterated chanctx from the list, leading to a slab-use-after-free error.
Risk Assessment
The risk includes potential system instability, kernel panic, or privilege escalation by a local attacker, compromising system integrity and availability.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit with safe list iteration). Monitor official security advisories from your Linux distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211_dfs_cac_cancel can cause the iterated chanctx to be freed and removed from the list. Guard against this to avoid a slab-use-after-free error.

