Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211_hwsim: fix typo in frequency notification

The NAN notification is for 5745 MHz which corresponds to channel 149
and not 5475 which is not actually a valid channel. This could result in
a NULL pointer dereference in cfg80211_next_nan_dw_notif.
Published: 2026-02-04
Score: 7.0 High
EPSS: < 1% Very Low
KEV: No
Impact: Kernel Crash (Denial of Service)
Action: Apply Patch
AI Analysis

Impact

The Linux kernel's Wi-Fi subsystem, mac80211_hwsim, contains a typo in the frequency used for the NAN notification. The notification is meant for 5745 MHz, which corresponds to channel 149, but the code used 5475 MHz, which is not a valid channel. A NULL pointer dereference occurs in cfg80211_next_nan_dw_notif when the incorrect notification is processed. Based on the description, it is inferred that an attacker capable of triggering the NAN notification could cause the kernel to crash, which would likely lead to a reboot or service outage.

Affected Systems

All Linux kernel distributions that include the mac80211_hwsim module and have not yet incorporated the patch found in commit 1251bbdb8f5b2ea86ca9b4268a2e6aa34372ab33 are affected. The affected kernel versions are unspecified, so any release containing the buggy code should be considered vulnerable until the fix is applied.

Risk and Exploitability

The CVSS base score of 7.0 is rated High, while Red Hat rates the threat severity as Moderate. The EPSS score of less than 1% indicates a low probability of exploitation in the wild, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, it is inferred that the exploit would require sending crafted Wi-Fi frames or otherwise inducing a NAN notification, making the attack vector local to machines with active wireless interfaces that are reachable by the malicious traffic.

Generated by OpenCVE AI on April 18, 2026 at 18:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Linux kernel update that includes the mac80211_hwsim fix.
  • If the system does not require the mac80211_hwsim module, disable or remove it to eliminate the attack surface.
  • Restrict exposure of Wi‑Fi interfaces by applying network isolation or firewall rules to block incoming traffic that could trigger the NAN notification.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 19:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | | CWE-476 |

Thu, 05 Feb 2026 00:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| References | | |
| Metrics | threat_severity: None | cvssV3_1: {'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}; threat_severity: Moderate |

Wed, 04 Feb 2026 16:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in cfg80211_next_nan_dw_notif. |
| Title | | wifi: mac80211_hwsim: fix typo in frequency notification |
| First Time appeared | | Linux; Linux linux Kernel |
| CPEs | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Vendors & Products | | Linux; Linux linux Kernel |
| References | | |

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-09T08:37:35.072Z

Reserved: 2026-01-13T15:37:45.944Z

Link: CVE-2026-23040

Vulnrichment

No data.

NVD

Status: Deferred

Published: 2026-02-04T16:16:19.460

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-23040

Red Hat

Severity: Moderate

Public Date: 2026-02-04T00:00:00Z

Links: CVE-2026-23040 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T18:45:05Z

Weaknesses