CVE-2026-23246

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel’s mac80211 wireless subsystem contains a flaw related to insufficient bounds checking of the link id variable within the ieee80211 ml reconfiguration function. The link id is derived from the ML Reconfiguration element, potentially ranging from 0 to 15. The link removal timeout array has a maximum of IEEE80211 MLD MAX NUM LINKS (15) elements, meaning an index of 15 is out of bounds. This can lead to a stack-based out-of-bounds write if subelements with link id values greater than or equal to IEEE80211 MLD MAX NUM LINKS are not skipped.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.