2439883 – (CVE-2026-23152) CVE-2026-23152 kernel: wifi: mac80211: correctly decode TTLM with default link map

Bug 2439883 (CVE-2026-23152) - CVE-2026-23152 kernel: wifi: mac80211: correctly decode TTLM with default link map

Summary: CVE-2026-23152 kernel: wifi: mac80211: correctly decode TTLM with default lin...

Keywords:
Status:	NEW
Alias:	CVE-2026-23152
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-02-14 17:01 UTC by OSIDB Bzimport
Modified:	2026-02-16 15:09 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-02-14 17:01:20 UTC

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: correctly decode TTLM with default link map

TID-To-Link Mapping (TTLM) elements do not contain any link mapping
presence indicator if a default mapping is used and parsing needs to be
skipped.

Note that access points should not explicitly report an advertised TTLM
with a default mapping as that is the implied mapping if the element is
not included, this is even the case when switching back to the default
mapping. However, mac80211 would incorrectly parse the frame and would
also read one byte beyond the end of the element.

Comment 1 Alexander B 2026-02-16 14:02:59 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026021414-CVE-2026-23152-c2ae@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.