CVE Catalog

CVE-2026-53257

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

5th percentile - higher than 5% of all known CVEs

Summary

In the Linux kernel, a vulnerability in the cfg80211 subsystem could cause a crash in mac80211 when eht_cap is set but eht_oper is missing. Consistency enforcement for HE/EHT elements has been added to prevent this.

Risk Assessment

The risk involves a potential kernel panic when processing inconsistent Wi-Fi frames, which could lead to network service disruption and a possible DoS attack.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit addressing the issue). Monitor official security advisories from your distribution.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: enforce HE/EHT cap/oper consistency Xiang Mei reports that mac80211 could crash if eht_cap is set but eht_oper isn't. Rather than fixing that for the individual user(s), enforce that both HE/EHT have consistent elements.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS