Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: cfg80211: enforce HE/EHT cap/oper consistency

Xiang Mei reports that mac80211 could crash if eht_cap is set
but eht_oper isn't. Rather than fixing that for the individual
user(s), enforce that both HE/EHT have consistent elements.
Published: 2026-06-25
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A mismatch between HE/EHT capability settings and operational parameters in the Linux kernel’s cfg80211 wireless subsystem can cause a null pointer dereference that triggers a kernel panic. This flaw represents a failure to validate error conditions (CWE‑390). The resulting crash stops the system, requiring a reboot and rendering the machine unavailable until the issue is fixed.

Affected Systems

All Linux kernel releases that expose the Wi‑Fi stack before the fix are affected, regardless of distribution. The vulnerability originates in the cfg80211 implementation that processes HE/EHT capability data, so any kernel configured to handle Wi‑Fi traffic and that does not include the consistency enforcement patch is at risk.

Risk and Exploitability

The CVSS base score of 5.5 and an EPSS score of less than 1% indicate moderate severity and a low likelihood of widespread exploitation. It is not listed in the CISA KEV catalog. The event is most likely triggered by an attacker delivering a malformed Wi‑ frame that contains inconsistent HE/EHT elements; this inference is based on how the kernel processes capability data. Exploitation can occur locally or remotely if the wireless interface is exposed to untrusted networks.

Generated by OpenCVE AI on June 26, 2026 at 05:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the kernel to a version that includes the HE/EHT consistency fix.
  • If a distribution patch is not available, download the upstream patch from kernel.org, apply it to your kernel source tree, recompile, and install the new kernel image.
  • As a temporary workaround, disable HE/EHT (802.11ax) support in the wireless driver or module parameters to eliminate inconsistent capability states.

Generated by OpenCVE AI on June 26, 2026 at 05:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 04:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-704

Fri, 26 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-390
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Thu, 25 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-704

Thu, 25 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: enforce HE/EHT cap/oper consistency Xiang Mei reports that mac80211 could crash if eht_cap is set but eht_oper isn't. Rather than fixing that for the individual user(s), enforce that both HE/EHT have consistent elements.
Title wifi: cfg80211: enforce HE/EHT cap/oper consistency
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-25T08:39:47.248Z

Reserved: 2026-06-09T07:44:35.394Z

Link: CVE-2026-53257

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-25T00:00:00Z

Links: CVE-2026-53257 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T05:30:17Z

Weaknesses
  • CWE-390

    Detection of Error Condition Without Action