CVE-2026-53317

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2026
Last modified:
30/06/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: mt76: mt7921: Place upper limit on station AID<br /> <br /> Any station configured with an AID over 20 causes a firmware crash.<br /> This situation occurred in our testing using an AP interface on 7922<br /> hardware, with a modified hostapd, sourced from Mediatek&amp;#39;s OpenWRT<br /> feeds.<br /> <br /> In stock hostapd, station AIDs begin counting at 1, and this<br /> configuration is prevented with an upper limit on associated stations.<br /> However, the modified hostapd began allocation at 65, which caused the<br /> firmware to crash. This fix does not allow these AIDs to work, but will<br /> prevent the firmware crash.<br /> <br /> This crash was only seen on IFTYPE_AP interfaces, and the fix does not<br /> appear to have an effect on IFTYPE_STATION behavior.

Impact