Primary

Context

Linux Kernel Wi-Fi MT76 MT7996 Non-Station WCID Entry Check Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's Wi-Fi MT76 MT7996 driver has been addressed. The issue arose because non-station Wireless Client Identifier (WCID) entries were incorrectly passed to the receive functions. This could lead to corruption of the WCID array, particularly with the global WCID entry, due to improper pointer casting. The vulnerability has been fixed by adding the necessary checks for WCID entries before they are processed.

Impact

The vulnerability could cause memory corruption by improperly handling WCID entries, leading to potential instability or unexpected behavior in the Wi-Fi driver.

Added: Oct 1, 2025, 8:26 AM

Updated: Oct 1, 2025, 8:26 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Wi-Fi MT76 MT7996 Non-Station WCID Entry Check Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating