CVE-2026-53317
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2026
Last modified:
30/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
wifi: mt76: mt7921: Place upper limit on station AID<br />
<br />
Any station configured with an AID over 20 causes a firmware crash.<br />
This situation occurred in our testing using an AP interface on 7922<br />
hardware, with a modified hostapd, sourced from Mediatek&#39;s OpenWRT<br />
feeds.<br />
<br />
In stock hostapd, station AIDs begin counting at 1, and this<br />
configuration is prevented with an upper limit on associated stations.<br />
However, the modified hostapd began allocation at 65, which caused the<br />
firmware to crash. This fix does not allow these AIDs to work, but will<br />
prevent the firmware crash.<br />
<br />
This crash was only seen on IFTYPE_AP interfaces, and the fix does not<br />
appear to have an effect on IFTYPE_STATION behavior.



