PatchSiren

CVE-2026-46136 Linux CVE debrief

A vulnerability in the Linux kernel's MediaTek MT7921 Wi-Fi driver (mt76) could cause driver initialization failure or near-infinite loop conditions. The issue stems from an integer underflow in buffer length handling when processing Country Location Configuration (CLC) power table data. When buf_len underflows during country power setting retrieval, the driver may either loop excessively or load invalid power settings, preventing successful Wi-Fi initialization on affected systems.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-28
Advisory published: 2026-05-28
Advisory updated: 2026-05-28

Who should care

This affects organizations and individuals running Linux systems with MediaTek MT7921 Wi-Fi chipsets, including laptops and embedded devices using this wireless hardware; cloud infrastructure providers offering bare-metal or VM instances with passthrough MT7921 devices; and IoT and edge computing deployments that use MT7921-based wireless connectivity.

Technical summary

The mt7921 driver in the Linux kernel's mt76 wireless stack contains a buffer length underflow vulnerability in Country Location Configuration (CLC) processing. The buf_len variable, used to bound iterations during country power setting retrieval, can underflow when processing certain power table configurations. This underflow results in either: (1) an effectively infinite loop due to the underflowed value being interpreted as a very large unsigned integer, or (2) loading of invalid power settings that cause driver initialization failure. The vulnerability is triggered during driver initialization when parsing CLC data from firmware. The fix implements proper bounds checking to prevent the underflow condition.
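The bug class described above, as an added illustration. This is not the mt76 driver code or the upstream fix; the record layout, function names and sample tables are constructed assumptions. It shows how an unsigned remaining-length counter wraps when a record claims more bytes than are left, and a walk that rejects such a record before subtracting.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HDR_LEN 4u /* constructed record header: alpha2[2] + payload length (LE16) */

/* The unchecked step: with unsigned lengths, rec_len > buf_len wraps to a huge value. */
static uint32_t unchecked_remaining(uint32_t buf_len, uint32_t rec_len)
{
    return buf_len - rec_len;
}

/*
 * Hardened walk: returns the payload offset of the record matching alpha2,
 * -1 if no record matches, -2 if a record does not fit in the bytes left.
 */
static long find_country(const uint8_t *buf, uint32_t buf_len, const char *alpha2)
{
    uint32_t pos = 0;

    while (buf_len > 0) {
        uint32_t rec_len;

        if (buf_len < HDR_LEN)
            return -2;              /* header itself is truncated */
        rec_len = HDR_LEN + (buf[pos + 2] | ((uint32_t)buf[pos + 3] << 8));
        if (rec_len > buf_len)
            return -2;              /* subtracting would underflow buf_len */
        if (memcmp(buf + pos, alpha2, 2) == 0)
            return (long)(pos + HDR_LEN);
        pos += rec_len;
        buf_len -= rec_len;         /* safe: rec_len <= buf_len was checked */
    }
    return -1;
}

/* Constructed sample tables (not real firmware data). */
static const uint8_t good_tbl[] = { 'U','S',2,0, 0x10,0x11, 'D','E',1,0, 0x20 };
/* Second record claims 9 payload bytes but only 1 is present. */
static const uint8_t bad_tbl[]  = { 'U','S',2,0, 0x10,0x11, 'D','E',9,0, 0x20 };

int main(void)
{
    int ok = find_country(good_tbl, (uint32_t)sizeof(good_tbl), "DE") == 10 &&
             find_country(bad_tbl, (uint32_t)sizeof(bad_tbl), "DE") == -2 &&
             unchecked_remaining(5u, 13u) > 5u; /* wrapped, not negative */
    return ok ? 0 : 1;
}
```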

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates containing the mt7921 CLC buffer length fix when available from your Linux distribution
  • Monitor stable kernel releases for commits addressing CVE-2026-46136
  • For systems using MediaTek MT7921 Wi-Fi hardware, check driver initialization logs for power setting errors, which may indicate this issue
  • Review vendor security advisories for distribution-specific patch availability

Evidence notes

The vulnerability description indicates this is a resolved kernel issue affecting the mt7921 driver specifically. The fix addresses buffer length validation in CLC power table parsing. Multiple stable kernel commits are referenced, suggesting backports to various kernel versions.
