CVE-2026-43052

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: check tdls flag in ieee80211_tdls_oper

When NL80211_TDLS_ENABLE_LINK is called, the code only checks if the station exists but not whether it is actually a TDLS station. This allows the operation to proceed for non-TDLS stations, causing unintended side effects like modifying channel context and HT protection before failing.

Add a check for sta->sta.tdls early in the ENABLE_LINK case, before any side effects occur, to ensure the operation is only allowed for actual TDLS peers.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < e602246235fc2ef06c39b2e9cf147d84d0896b73affected
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < 6813a8b1b240756dad4375f3e020ce10e4e3871baffected
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < 44839ea7e96b3659a1606f3d5267063135479b7caffected
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < ba5b43db126a5e7378553869e3f7954d9187349faffected
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < 8148c2fda4ebb17104a573649c9b699208ad10eeaffected
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < be81f17151fcb8546a95f35ca8f4231b065985deaffected
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < e77b2937aaa20264e4bd699d3244bdb50e7e3343affected
LinuxLinux941c93cd039852b7ab02c74f4698c99d82bd6cfe < 7d73872d949c488a1d7c308031d6a9d89b5e0a8baffected
LinuxLinux3.2affected
LinuxLinux0 < 3.2unaffected
LinuxLinux5.10.259 <= 5.10.*unaffected
LinuxLinux5.15.209 <= 5.15.*unaffected
LinuxLinux6.1.175 <= 6.1.*unaffected
LinuxLinux6.6.142 <= 6.6.*unaffected
LinuxLinux6.12.81 <= 6.12.*unaffected
LinuxLinux6.18.22 <= 6.18.*unaffected
LinuxLinux6.19.12 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References