Linux Kernel Wi-Fi Driver Fragment Handling Vulnerability in mt76: mt7996

Vulnerability

A vulnerability in the Linux kernel's Wi-Fi driver for the mt76: mt7996 chipset has been addressed. The issue involved improper handling of IEEE 802.11 fragmentation, which can only be applied to unicast frames. The vulnerability allowed fragments with multicast or broadcast recipient addresses to be processed, contrary to the specifications. This patch resolves the issue and addresses related vulnerabilities such as CVE-2020-26145.

Impact

The vulnerability could lead to incorrect fragmentation handling, potentially allowing multicast or broadcast fragments to be processed as unicast, which could disrupt normal Wi-Fi operations.

Added: Jul 10, 2025, 10:48 AM

Updated: Jul 10, 2025, 10:48 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Wi-Fi Driver Fragment Handling Vulnerability in mt76: mt7996

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating