{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-46136", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.099Z", "datePublished": "2026-05-28T09:35:52.004Z", "dateUpdated": "2026-05-28T09:35:52.004Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-28T09:35:52.004Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921: fix a potential clc buffer length underflow\n\nThe buf_len is used to limit the iterations for retrieving the country\npower setting and may underflow under certain conditions due to changes\nin the power table in CLC.\n\nThis underflow leads to an almost infinite loop or an invalid power\nsetting resulting in driver initialization failure."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"], "versions": [{"version": "15173a1697236793e9e900b82fece6f99d41b2a7", "lessThan": "e451c325b000b9a0081fd93bc6d103d6943d4b55", "status": "affected", "versionType": "git"}, {"version": "fa6ad88e023ddfa6c5dcdb466d159e89f451e305", "lessThan": "90cc573fd2f46ddbc2c329e7814b5ba3deb7b939", "status": "affected", "versionType": "git"}, {"version": "fa6ad88e023ddfa6c5dcdb466d159e89f451e305", "lessThan": "0aa63d33742b805d1a218d18d12b983cce4b2f7b", "status": "affected", "versionType": "git"}, {"version": "fa6ad88e023ddfa6c5dcdb466d159e89f451e305", "lessThan": "a0111847f0b4f6023f6dd320114697514e024ba3", "status": "affected", "versionType": "git"}, {"version": "fa6ad88e023ddfa6c5dcdb466d159e89f451e305", "lessThan": "5373f8b19e568b5c217832b9bbef165bd2b2df14", "status": "affected", "versionType": "git"}, {"version": "0c9318d49e501a5d50b02bd91a4813bde2353488", "status": "affected", "versionType": "git"}, {"version": "5c8cac512844ad593d31258e215908014381bee2", "status": "affected", "versionType": "git"}, {"version": "6.6.14", "lessThan": "6.6.140", "status": "affected", "versionType": "semver"}, {"version": "6.1.75", "lessThan": "6.2", "status": "affected", "versionType": "semver"}, {"version": "6.7.2", "lessThan": "6.8", "status": "affected", "versionType": "semver"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.140", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.88", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.30", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.7", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.14", "versionEndExcluding": "6.6.140"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.12.88"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.18.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "7.0.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "7.1-rc1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e451c325b000b9a0081fd93bc6d103d6943d4b55"}, {"url": "https://git.kernel.org/stable/c/90cc573fd2f46ddbc2c329e7814b5ba3deb7b939"}, {"url": "https://git.kernel.org/stable/c/0aa63d33742b805d1a218d18d12b983cce4b2f7b"}, {"url": "https://git.kernel.org/stable/c/a0111847f0b4f6023f6dd320114697514e024ba3"}, {"url": "https://git.kernel.org/stable/c/5373f8b19e568b5c217832b9bbef165bd2b2df14"}], "title": "wifi: mt76: mt7921: fix a potential clc buffer length underflow", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921: fix a potential clc buffer length underflow\n\nThe buf_len is used to limit the iterations for retrieving the country\npower setting and may underflow under certain conditions due to changes\nin the power table in CLC.\n\nThis underflow leads to an almost infinite loop or an invalid power\nsetting resulting in driver initialization failure."}], "id": "CVE-2026-46136", "lastModified": "2026-05-28T10:16:29.160", "metrics": {}, "published": "2026-05-28T10:16:29.160", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0aa63d33742b805d1a218d18d12b983cce4b2f7b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5373f8b19e568b5c217832b9bbef165bd2b2df14"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/90cc573fd2f46ddbc2c329e7814b5ba3deb7b939"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a0111847f0b4f6023f6dd320114697514e024ba3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e451c325b000b9a0081fd93bc6d103d6943d4b55"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{}