wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration — CVE-2026-23246

Summary

Advisory CVE-2026-23246. wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration Vendor: Microsoft. Source: MSRC. Threat: medium. CVSS 5.9. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

• Review exposure and plan remediation based on risk and environment.
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

• bad reuse of HTTP Negotiate connection CVE-2026-1965
• btrfs: do not free data reservation in fallback from inline due to -ENOSPC CVE-2025-71269
• fbdev: rivafb: fix divide error in nv3_arb() CVE-2026-23266
• io_uring/rw: free potentially allocated iovec on cache put failure CVE-2026-23259
• media: dvb-core: fix wrong reinitialization of ringbuffer on reopen CVE-2026-23253
• net: add proper RCU protection to /proc/net/ptype CVE-2026-23255
• M365 Copilot Information Disclosure Vulnerability CVE-2026-24299
• Microsoft Bing Tampering Vulnerability CVE-2026-26120
• Microsoft Copilot Information Disclosure Vulnerability CVE-2026-26136
• fs: ntfs3: check return value of indx_find to avoid infinite loop CVE-2025-71266
• fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata CVE-2025-71265
• fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST CVE-2025-71267