CVE-2026-46136

EUVD-2026-32763
In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7921: fix a potential clc buffer length underflow

The buf_len is used to limit the iterations for retrieving the country
power setting and may underflow under certain conditions due to changes
in the power table in CLC.

This underflow leads to an almost infinite loop or an invalid power
setting resulting in driver initialization failure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.9-1
fixed
sid
7.0.10-1
fixed
trixie
vulnerable
trixie (security)
6.12.90-2
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/0aa63d33742b805d1a218d18d12b983cce4b2f7b
https://git.kernel.org/stable/c/5373f8b19e568b5c217832b9bbef165bd2b2df14
https://git.kernel.org/stable/c/90cc573fd2f46ddbc2c329e7814b5ba3deb7b939
https://git.kernel.org/stable/c/a0111847f0b4f6023f6dd320114697514e024ba3
https://git.kernel.org/stable/c/e451c325b000b9a0081fd93bc6d103d6943d4b55