Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: enforce HE/EHT cap/oper consistency

Xiang Mei reports that mac80211 could crash if eht_cap is set
but eht_oper isn't. Rather than fixing that for the individual
user(s), enforce that both HE/EHT have consistent elements.
Published: 2026-06-25
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s cfg80211 subsystem can crash when the HE/EHT capability configuration is present but the corresponding operational configuration is missing. This inconsistent state leads to an improper assumption in mac80211, resulting in a kernel failure that can disrupt system operation.

Affected Systems

The issue affects any Linux system that loads the kernel WiFi stack, regardless of vendor or distribution. No specific kernel release or version was cited in the advisory, so all releases before the fix are potentially vulnerable.

Risk and Exploitability

The vulnerability is a kernel crash, giving a local denial of service that could be escalated if an attacker can trigger the crash from user space. The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog. An attacker would likely need to supply a malformed WiFi configuration or management frame, so the attack vector is local or remote depending on the system’s exposure to wireless traffic.

Generated by OpenCVE AI on June 25, 2026 at 11:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that contains the fix for the HE/EHT capability mismatch.
  • If an official update is not yet available from your distribution, obtain the upstream patch from the kernel’s stable branch and apply it manually to your system.
  • Until the patch can be applied, consider disabling HE (802.11ax) and EHT (802.11be) features in the WiFi driver or configuration to avoid the inconsistent state.

Advisories

No advisories yet.

History

Thu, 25 Jun 2026 12:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-704

Thu, 25 Jun 2026 09:15:00 +0000

Type | Values Removed | Values Added
Description | | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: enforce HE/EHT cap/oper consistency Xiang Mei reports that mac80211 could crash if eht_cap is set but eht_oper isn't. Rather than fixing that for the individual user(s), enforce that both HE/EHT have consistent elements.
Title | | wifi: cfg80211: enforce HE/EHT cap/oper consistency
First Time appeared | | Linux; Linux linux Kernel
CPEs | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products | | Linux; Linux linux Kernel
References | |

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-25T08:39:47.248Z

Reserved: 2026-06-09T07:44:35.394Z

Link: CVE-2026-53257

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-25T12:00:13Z

Weaknesses
  • CWE-704

    Incorrect Type Conversion or Cast