cve-2026-23246

CVE-2026-23246 is a vulnerability in the Linux kernel's mac80211 wireless stack, specifically in the Multi-Link Operation (MLO) reconfiguration handling. The flaw involves an out-of-bounds write when the link_id index is not properly validated, allowing index 15 to access a 15-entry array. The fix adds a bounds check to skip subelements with link_id >= IEEE80211_MLD_MAX_NUM_LINKS. This tag covers discussions about the vulnerability, its impact on wireless networking, and the upstream patch. While the issue is in Linux, it may affect Windows systems using affected wireless drivers or virtualized environments.