CVE Catalog

CVE-2026-46271

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel within the wifi ath12k module, causing the WCN7850 firmware to crash in multi-link connections. The issue arises from enabling WoW offloads on both primary and secondary links, which has been fixed by restricting this function to the primary link only.

Risk Assessment

Firmware crashes can lead to disruptions in wireless network operations, affecting service availability within the organization. Using vulnerable firmware may result in significant connectivity issues.

Recommendation

It is recommended to update the Linux kernel to a version that includes the fix for this vulnerability to avoid connectivity problems when using WCN7850.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it. Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.1.c5-00284-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1

Vulnerability data from NVD (NIST) · CISA KEV · EPSS