{"id":"CVE-2026-46166","summary":"wifi: mac80211: use safe list iteration in radar detect work","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: use safe list iteration in radar detect work\n\nThe call to ieee80211_dfs_cac_cancel can cause the iterated chanctx to\nbe freed and removed from the list. Guard against this to avoid a\nslab-use-after-free error.","modified":"2026-06-23T15:29:17.187340144Z","published":"2026-05-28T09:36:21.675Z","related":["ALSA-2026:27789","openSUSE-SU-2026:10954-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46166.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/120149fb3ebcf674832ca3cafd32bedcdb686dde"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7577a4b8a10fab45a6ee2045ea038a5adadbb585"},{"type":"WEB","url":"https://git.kernel.org/stable/c/887ece6c23b49d02a6678e7a8d5ad213d75883ce"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ac8eb3e18f41e2cc8492cc1d358bcb786c850270"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46166.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46166"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"bca8bc0399ac2efd56e6adbed0307e10125a556c"},{"fixed":"887ece6c23b49d02a6678e7a8d5ad213d75883ce"},{"fixed":"7577a4b8a10fab45a6ee2045ea038a5adadbb585"},{"fixed":"120149fb3ebcf674832ca3cafd32bedcdb686dde"},{"fixed":"ac8eb3e18f41e2cc8492cc1d358bcb786c850270"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46166.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.12.0"},{"fixed":"6.12.88"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.30"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"7.0.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46166.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}