CVE-2026-23040

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-23040
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23040.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-23040
Downstream
Published
2026-02-04T16:00:23.897Z
Modified
2026-02-09T19:34:53.996615Z
Summary
wifi: mac80211_hwsim: fix typo in frequency notification
Details

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211_hwsim: fix typo in frequency notification

The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in cfg80211nextnandwnotif.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23040.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a37a6f54439bf82b827a7072415d3a4afa4e12bd
Fixed
1251bbdb8f5b2ea86ca9b4268a2e6aa34372ab33
Fixed
333418872bfecf4843f1ded7a4151685dfcf07d5

Affected versions

v6.*
v6.17
v6.17-rc7
v6.18
v6.18-rc1
v6.18-rc2
v6.18-rc3
v6.18-rc4
v6.18-rc5
v6.18-rc6
v6.18-rc7
v6.18.1
v6.18.2
v6.18.3
v6.18.4
v6.18.5
v6.19-rc1
v6.19-rc2
v6.19-rc3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23040.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.18.0
Fixed
6.18.6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23040.json"