{"api_version":"1","generated_at":"2026-06-03T19:01:13+00:00","cve":"CVE-2026-46136","urls":{"html":"https://cve.report/CVE-2026-46136","api":"https://cve.report/api/cve/CVE-2026-46136.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-46136","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-46136"},"summary":{"title":"wifi: mt76: mt7921: fix a potential clc buffer length underflow","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921: fix a potential clc buffer length underflow\n\nThe buf_len is used to limit the iterations for retrieving the country\npower setting and may underflow under certain conditions due to changes\nin the power table in CLC.\n\nThis underflow leads to an almost infinite loop or an invalid power\nsetting resulting in driver initialization failure.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-05-28 10:16:29","updated_at":"2026-06-01 17:17:28"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/a0111847f0b4f6023f6dd320114697514e024ba3","name":"https://git.kernel.org/stable/c/a0111847f0b4f6023f6dd320114697514e024ba3","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/90cc573fd2f46ddbc2c329e7814b5ba3deb7b939","name":"https://git.kernel.org/stable/c/90cc573fd2f46ddbc2c329e7814b5ba3deb7b939","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/5373f8b19e568b5c217832b9bbef165bd2b2df14","name":"https://git.kernel.org/stable/c/5373f8b19e568b5c217832b9bbef165bd2b2df14","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/e451c325b000b9a0081fd93bc6d103d6943d4b55","name":"https://git.kernel.org/stable/c/e451c325b000b9a0081fd93bc6d103d6943d4b55","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/0aa63d33742b805d1a218d18d12b983cce4b2f7b","name":"https://git.kernel.org/stable/c/0aa63d33742b805d1a218d18d12b983cce4b2f7b","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/2a79b1a492bcfa725383b6580cd93a6862308c85","name":"https://git.kernel.org/stable/c/2a79b1a492bcfa725383b6580cd93a6862308c85","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-46136","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46136","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 0c9318d49e501a5d50b02bd91a4813bde2353488 2a79b1a492bcfa725383b6580cd93a6862308c85 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 15173a1697236793e9e900b82fece6f99d41b2a7 e451c325b000b9a0081fd93bc6d103d6943d4b55 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected fa6ad88e023ddfa6c5dcdb466d159e89f451e305 90cc573fd2f46ddbc2c329e7814b5ba3deb7b939 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected fa6ad88e023ddfa6c5dcdb466d159e89f451e305 0aa63d33742b805d1a218d18d12b983cce4b2f7b git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected fa6ad88e023ddfa6c5dcdb466d159e89f451e305 a0111847f0b4f6023f6dd320114697514e024ba3 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected fa6ad88e023ddfa6c5dcdb466d159e89f451e305 5373f8b19e568b5c217832b9bbef165bd2b2df14 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 5c8cac512844ad593d31258e215908014381bee2 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.1.75 6.1.175 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.6.14 6.6.140 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.7.2 6.8 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.8","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.8 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.175 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.140 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.88 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.30 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0.7 7.0.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.1-rc1 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"46136","cve":"CVE-2026-46136","epss":"0.000240000","percentile":"0.072780000","score_date":"2026-06-02","updated_at":"2026-06-03 00:08:16"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"2a79b1a492bcfa725383b6580cd93a6862308c85","status":"affected","version":"0c9318d49e501a5d50b02bd91a4813bde2353488","versionType":"git"},{"lessThan":"e451c325b000b9a0081fd93bc6d103d6943d4b55","status":"affected","version":"15173a1697236793e9e900b82fece6f99d41b2a7","versionType":"git"},{"lessThan":"90cc573fd2f46ddbc2c329e7814b5ba3deb7b939","status":"affected","version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","versionType":"git"},{"lessThan":"0aa63d33742b805d1a218d18d12b983cce4b2f7b","status":"affected","version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","versionType":"git"},{"lessThan":"a0111847f0b4f6023f6dd320114697514e024ba3","status":"affected","version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","versionType":"git"},{"lessThan":"5373f8b19e568b5c217832b9bbef165bd2b2df14","status":"affected","version":"fa6ad88e023ddfa6c5dcdb466d159e89f451e305","versionType":"git"},{"status":"affected","version":"5c8cac512844ad593d31258e215908014381bee2","versionType":"git"},{"lessThan":"6.1.175","status":"affected","version":"6.1.75","versionType":"semver"},{"lessThan":"6.6.140","status":"affected","version":"6.6.14","versionType":"semver"},{"lessThan":"6.8","status":"affected","version":"6.7.2","versionType":"semver"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"6.8"},{"lessThan":"6.8","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.175","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.140","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.88","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.30","versionType":"semver"},{"lessThanOrEqual":"7.0.*","status":"unaffected","version":"7.0.7","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.1-rc1","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.175","versionStartIncluding":"6.1.75","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.140","versionStartIncluding":"6.6.14","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.88","versionStartIncluding":"6.8","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.30","versionStartIncluding":"6.8","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0.7","versionStartIncluding":"6.8","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1-rc1","versionStartIncluding":"6.8","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.2","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921: fix a potential clc buffer length underflow\n\nThe buf_len is used to limit the iterations for retrieving the country\npower setting and may underflow under certain conditions due to changes\nin the power table in CLC.\n\nThis underflow leads to an almost infinite loop or an invalid power\nsetting resulting in driver initialization failure."}],"providerMetadata":{"dateUpdated":"2026-06-01T16:18:59.295Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/2a79b1a492bcfa725383b6580cd93a6862308c85"},{"url":"https://git.kernel.org/stable/c/e451c325b000b9a0081fd93bc6d103d6943d4b55"},{"url":"https://git.kernel.org/stable/c/90cc573fd2f46ddbc2c329e7814b5ba3deb7b939"},{"url":"https://git.kernel.org/stable/c/0aa63d33742b805d1a218d18d12b983cce4b2f7b"},{"url":"https://git.kernel.org/stable/c/a0111847f0b4f6023f6dd320114697514e024ba3"},{"url":"https://git.kernel.org/stable/c/5373f8b19e568b5c217832b9bbef165bd2b2df14"}],"title":"wifi: mt76: mt7921: fix a potential clc buffer length underflow","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-46136","datePublished":"2026-05-28T09:35:52.004Z","dateReserved":"2026-05-13T15:03:33.099Z","dateUpdated":"2026-06-01T16:18:59.295Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-28 10:16:29","lastModifiedDate":"2026-06-01 17:17:28","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"46136","Ordinal":"1","Title":"wifi: mt76: mt7921: fix a potential clc buffer length underflow","CVE":"CVE-2026-46136","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"46136","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921: fix a potential clc buffer length underflow\n\nThe buf_len is used to limit the iterations for retrieving the country\npower setting and may underflow under certain conditions due to changes\nin the power table in CLC.\n\nThis underflow leads to an almost infinite loop or an invalid power\nsetting resulting in driver initialization failure.","Type":"Description","Title":"wifi: mt76: mt7921: fix a potential clc buffer length underflow"}]}}}