CVE-2026-53100

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: fix deadlock in remain-on-channel

mt76 remain on channel() and mt76 roc complete() call mt76 set channel() while already holding dev->mutex. Since mt76 set channel() also acquires dev->mutex, this results in a deadlock.

Use mt76 set channel() instead of mt76 set channel(). Add cancel delayed work sync() for mac work before acquiring the mutex in mt76 remain on channel() to prevent a secondary deadlock with the mac work workqueue.