Firmware Crash in Linux Kernel's WiFi Component for Mediatek's AP Interface
CVE-2026-53317

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 June 2026

What is CVE-2026-53317?

A vulnerability has been identified in the Linux kernel related to the Mediatek WiFi driver, where certain configurations of station AIDs can lead to a firmware crash. This issue specifically arises when the station AID exceeds 20, particularly in modified environments where hostapd is configured to start allocation at values like 65. The stock hostapd limits station AIDs to a range that prevents such crashes. This vulnerability has been addressed to ensure that oversized AIDs do not compromise system stability, particularly for AP interfaces, while maintaining normal operations for station interfaces.

Affected Version(s)

Linux 5c14a5f944b91371961548b1907802f74a4d2e5c < 6dbe70f9ef14d8ac1c24bf19fd9510978a3ab952

Linux 5c14a5f944b91371961548b1907802f74a4d2e5c < 35835ff71e6e618155578b8e3905597edd5f601c

Linux 5c14a5f944b91371961548b1907802f74a4d2e5c < 1a4b802afe15c5b33b2dcb37a594aba2fa215d52

References

https://git.kernel.org/stable/c/6dbe70f9ef14d8ac1c24bf19f...

https://git.kernel.org/stable/c/35835ff71e6e618155578b8e3...

https://git.kernel.org/stable/c/1a4b802afe15c5b33b2dcb37a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-53317 Data

JSON