Linux · Linux Kernel · CVE-2024-56663
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.74
**Description**
A vulnerability in the wifi component of the Linux kernel has been resolved. It concerns the nl80211 attribute `NL80211_ATTR_MLO_LINK_ID`: an off-by-one error in the validation of this attribute could lead to a wild-memory-access bug. The vulnerability was demonstrated with a crash stack showing a read of size 6 at a specific address. The fix updates the nl80211 policy so that the attribute is validated correctly.
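The off-by-one described above, modelled in userspace C as an added example (it is not kernel code and not part of the original advisory). Netlink range policies check both bounds inclusively, so a maximum equal to a table's size admits one index past its end. The struct and function names, the per-link table, and the value 15 for `IEEE80211_MLD_MAX_NUM_LINKS` are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed value for illustration; the kernel defines this constant in its own headers. */
#define IEEE80211_MLD_MAX_NUM_LINKS 15

/* Hypothetical userspace model of a netlink range policy: both bounds are inclusive. */
struct range_policy { uint8_t min, max; };

/* Pre-fix shape: max equals the table size, so link_id == 15 passes validation. */
static const struct range_policy policy_vulnerable = { 0, IEEE80211_MLD_MAX_NUM_LINKS };
/* Post-fix shape: max is the last valid index. */
static const struct range_policy policy_fixed = { 0, IEEE80211_MLD_MAX_NUM_LINKS - 1 };

/* Constructed stand-in for a per-link table that link_id indexes. */
struct link { uint8_t addr[6]; };
struct link links[IEEE80211_MLD_MAX_NUM_LINKS];

/* Inclusive check, mirroring how a ranged netlink attribute is validated. */
bool policy_accepts(const struct range_policy *p, uint8_t v)
{
    return v >= p->min && v <= p->max;
}

/* True when a value would index past the end of links[]. */
bool index_out_of_bounds(uint8_t link_id)
{
    return link_id >= sizeof(links) / sizeof(links[0]);
}

/* Counts values the policy admits that would still overrun the table. */
int count_unsafe_accepted(const struct range_policy *p)
{
    int n = 0;
    for (int v = 0; v <= UINT8_MAX; v++)
        if (policy_accepts(p, (uint8_t)v) && index_out_of_bounds((uint8_t)v))
            n++;
    return n;
}

int main(void)
{
    printf("vulnerable policy: %d unsafe value(s) accepted\n",
           count_unsafe_accepted(&policy_vulnerable));
    printf("fixed policy:      %d unsafe value(s) accepted\n",
           count_unsafe_accepted(&policy_fixed));
    return 0;
}
```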
**Recommendations**
Update the Linux kernel to version 6.6.74 or later to fix the vulnerability.
As a temporary workaround, consider updating the policy to ensure correct validation of the `NL80211_ATTR_MLO_LINK_ID` attribute to prevent off-by-one errors.