CVE-2026-46125
Gravedad CVSS v3.1:
ALTA
Tipo:
CWE-416
Utilización después de liberación
Fecha de publicación:
28/05/2026
Última modificación:
30/06/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
wifi: mac80211: remove station if connection prep fails<br />
<br />
If connection preparation fails for MLO connections, then the<br />
interface is completely reset to non-MLD. In this case, we must<br />
not keep the station since it&#39;s related to the link of the vif<br />
being removed. Delete an existing station. Any "new_sta" is<br />
already being removed, so that doesn&#39;t need changes.<br />
<br />
This fixes a use-after-free/double-free in debugfs if that&#39;s<br />
enabled, because a vif going from MLD (and to MLD, but that&#39;s<br />
not relevant here) recreates its entire debugfs.
Impacto
Puntuación base 3.x
8.80
Gravedad 3.x
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.0 (incluyendo) | 6.1.176 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (incluyendo) | 6.6.140 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (incluyendo) | 6.12.88 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (incluyendo) | 6.18.30 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (incluyendo) | 7.0.7 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- https://git.kernel.org/stable/c/18fed0a209500bfea5c4c08609ec93855e4e500b
- https://git.kernel.org/stable/c/1c2b72ea89882aeb948340498391e69c58d466f1
- https://git.kernel.org/stable/c/283fc9e44ff5b5ac967439b4951b80bd4299f4e4
- https://git.kernel.org/stable/c/9e28654f79f443bca9b29ff3ae7cf18abfba58a0
- https://git.kernel.org/stable/c/afcbaed89cdc1a001b43270cbf5394bb4804270a
- https://git.kernel.org/stable/c/fe75fa1ac9a92990f7fc3d34b17808fd933071b2
- https://access.redhat.com/errata/RHSA-2026:26427
- https://access.redhat.com/errata/RHSA-2026:26428
- https://access.redhat.com/errata/RHSA-2026:26462
- https://access.redhat.com/errata/RHSA-2026:26515
- https://access.redhat.com/errata/RHSA-2026:26563
- https://access.redhat.com/errata/RHSA-2026:27288
- https://access.redhat.com/errata/RHSA-2026:27708
- https://access.redhat.com/errata/RHSA-2026:27731
- https://access.redhat.com/errata/RHSA-2026:27735
- https://access.redhat.com/errata/RHSA-2026:27789
- https://access.redhat.com/security/cve/CVE-2026-46125
- https://bugzilla.redhat.com/show_bug.cgi?id=2482608
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46125.json



