{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-46136","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-13T15:03:33.099Z","datePublished":"2026-05-28T09:35:52.004Z","dateUpdated":"2026-06-14T17:57:08.679Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-06-14T17:57:08.679Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921: fix a potential clc buffer length underflow\n\nThe buf_len is used to limit the iterations for retrieving the country\npower setting and may underflow under certain conditions due to changes\nin the power table in CLC.\n\nThis underflow leads to an almost infinite loop or an invalid power\nsetting resulting in driver initialization failure."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"],"versions":[{"version":"0c9318d49e501a5d50b02bd91a4813bde2353488","lessThan":"2a79b1a492bcfa725383b6580cd93a6862308c85","status":"affected","versionType":"git"},{"version":"15173a1697236793e9e900b82fece6f99d41b2a7","lessThan":"e451c325b000b9a0081fd93bc6d103d6943d4b55","status":"affected","versionType":"git"},{"version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","lessThan":"90cc573fd2f46ddbc2c329e7814b5ba3deb7b939","status":"affected","versionType":"git"},{"version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","lessThan":"0aa63d33742b805d1a218d18d12b983cce4b2f7b","status":"affected","versionType":"git"},{"version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","lessThan":"a0111847f0b4f6023f6dd320114697514e024ba3","status":"affected","versionType":"git"},{"version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","lessThan":"5373f8b19e568b5c217832b9bbef165bd2b2df14","status":"affected","versionType":"git"},{"version":"5c8cac512844ad593d31258e215908014381bee2","status":"affected","versionType":"git"},{"version":"6.1.75","lessThan":"6.1.175","status":"affected","versionType":"semver"},{"version":"6.6.14","lessThan":"6.6.140","status":"affected","versionType":"semver"},{"version":"6.7.2","lessThan":"6.8","status":"affected","versionType":"semver"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"],"versions":[{"version":"6.8","status":"affected"},{"version":"0","lessThan":"6.8","status":"unaffected","versionType":"semver"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","status":"unaffected","versionType":"semver"},{"version":"7.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.75","versionEndExcluding":"6.1.175"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.14","versionEndExcluding":"6.6.140"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.12.88"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.18.30"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"7.0.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"7.1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2a79b1a492bcfa725383b6580cd93a6862308c85"},{"url":"https://git.kernel.org/stable/c/e451c325b000b9a0081fd93bc6d103d6943d4b55"},{"url":"https://git.kernel.org/stable/c/90cc573fd2f46ddbc2c329e7814b5ba3deb7b939"},{"url":"https://git.kernel.org/stable/c/0aa63d33742b805d1a218d18d12b983cce4b2f7b"},{"url":"https://git.kernel.org/stable/c/a0111847f0b4f6023f6dd320114697514e024ba3"},{"url":"https://git.kernel.org/stable/c/5373f8b19e568b5c217832b9bbef165bd2b2df14"}],"title":"wifi: mt76: mt7921: fix a potential clc buffer length underflow","x_generator":{"engine":"bippy-1.2.0"}}}}