CVE-2026-23152

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the mac80211 module related to the handling of TID-To-Link Mapping (TTLM) elements. Specifically, the parsing of TTLM elements with a default link map is flawed, leading to an out-of-bounds read when processing frames. Access points should not explicitly report a TTLM with a default mapping, as the default mapping is implied when the element is absent. However, the mac80211 module incorrectly parses the frame and attempts to read beyond the element's boundaries.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-23152

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:0962-1

SUSE-SU-2026:1081-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21284-1

Affected Products

Linux Kernel

Mac80211

CVE-2026-23152

Related Identifiers

Affected Products

References · 1569