CVE-2026-23152

Description

In the Linux kernel, the following vulnerability has been resolved:wifi: mac80211: correctly decode TTLM with default link mapTID-To-Link Mapping (TTLM) elements do not contain any link mappingpresence indicator if a default mapping is used and parsing needs to beskipped.Note that access points should not explicitly report an advertised TTLMwith a default mapping as that is the implied mapping if the element isnot included, this is even the case when switching back to the defaultmapping. However, mac80211 would incorrectly parse the frame and wouldalso read one byte beyond the end of the element.

Risk Information

Base Score

5.5

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.017

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234