Linux Kernel VHT Operating Mode Notification Channel Width Validation Vulnerability

Vulnerability

A vulnerability in the Linux kernel's mac80211 Wi-Fi module allows for improper handling of Very High Throughput (VHT) operating mode notifications. VHT specifications do not support channel widths below 20 MHz, specifically 5 MHz and 10 MHz. The absence of a validation check can lead to the processing of malformed notifications, causing a warning due to invalid input. This vulnerability has been addressed by rejecting unsupported channel widths early in the 'sta_link_apply_parameters' function when VHT operating mode notifications are used.
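
The difference between the unvalidated path and the early rejection described above can be modeled in a stand-alone C program. This is an added example, not the kernel's code: the enum, struct, function names and the fallback value after the warning are hypothetical stand-ins, and warn_count models the kernel warning.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-ins for illustration; not the kernel's own types. */
enum chan_width { W_5, W_10, W_20, W_40, W_80, W_160 };

struct link_params {
    bool opmode_notif_used;   /* caller supplied a VHT opmode notification */
    enum chan_width width;    /* channel width the notification applies to */
};

static int warn_count;        /* models a kernel warning being raised */

/* Deep handler: VHT defines no bandwidth for 5/10 MHz, so it can only warn. */
static int vht_bw_mhz(enum chan_width w)
{
    switch (w) {
    case W_20:  return 20;
    case W_40:  return 40;
    case W_80:  return 80;
    case W_160: return 160;
    default:    warn_count++; return 20;  /* assumed fallback after warning */
    }
}

/* Before: the notification reaches the deep handler unvalidated. */
int apply_unchecked(const struct link_params *p, int *bw)
{
    if (p->opmode_notif_used)
        *bw = vht_bw_mhz(p->width);
    return 0;
}

/* After: widths VHT cannot express are rejected before any state changes. */
int apply_checked(const struct link_params *p, int *bw)
{
    if (p->opmode_notif_used) {
        if (p->width == W_5 || p->width == W_10)
            return -EINVAL;
        *bw = vht_bw_mhz(p->width);
    }
    return 0;
}

int main(void)
{
    struct link_params p = { true, W_10 };  /* constructed input */
    int bw = 0;
    apply_unchecked(&p, &bw);
    printf("unchecked: warnings=%d\n", warn_count);
    printf("checked:   rc=%d\n", apply_checked(&p, &bw));
    return 0;
}
```

The check applies only when an operating mode notification is present, so parameters without one are unaffected by the rejection.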

Impact

Exploitation of this vulnerability could lead to a warning being triggered due to the processing of invalid VHT channel width notifications, potentially causing disruption in Wi-Fi driver operations.

Added: Aug 16, 2025, 11:30 AM
Updated: Aug 16, 2025, 11:30 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.3
remediation: 7.7
relevance: 0.4
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.