CVE-2026-23130

CWE-667CWE-8337 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit [1] converted the management transmission work item into a wiphy work. Since a wiphy work can only run under wiphy lock protection, a race condition happens in below scenario: 1. a management frame is queued for transmission. 2. ath12k_mac_op_flush() gets called to flush pending frames associated with the hardware (i.e, vif being NULL). Then in ath12k_mac_flu

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.146.18.8+1
CVEListV5linux/linux56dcbf0b520796e26b2bbe5686bdd305ad92495406ac2aa13f701a0296e92f5f54ae24224d426b28+2
Debianlinux< 6.18.8-1

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2026-23130: In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit [1] converted2026-02-14
GHSA
GHSA-6mvr-5ch7-jjjq: In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit [1] converte2026-02-14
CVEList
wifi: ath12k: fix dead lock while flushing management frames2026-02-14

📋Vendor Advisories

2
Red Hat
kernel: wifi: ath12k: fix dead lock while flushing management frames2026-02-14
Debian
CVE-2026-23130: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23130 Impact, Exploitability, and Mitigation Steps | Wiz