{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-43325", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-01T14:12:56.002Z", "datePublished": "2026-05-08T13:31:09.536Z", "dateUpdated": "2026-05-11T22:22:22.986Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:22:22.986Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't send a 6E related command when not supported\n\nMCC_ALLOWED_AP_TYPE_CMD is related to 6E support. Do not send it if the\ndevice doesn't support 6E.\nApparently, the firmware is mistakenly advertising support for this\ncommand even on AX201 which does not support 6E and then the firmware\ncrashes."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/fw.c"], "versions": [{"version": "0d2fc8821a7d667180ce27732697105db843a1b9", "lessThan": "c0b3fa5e0eaecd38e6a9f8f78e86f468fbde719a", "status": "affected", "versionType": "git"}, {"version": "0d2fc8821a7d667180ce27732697105db843a1b9", "lessThan": "6607d0e58ceca997816122568ce54db9e134edab", "status": "affected", "versionType": "git"}, {"version": "0d2fc8821a7d667180ce27732697105db843a1b9", "lessThan": "323156c3541e23da7e582008a7ac30cd51b60acd", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/intel/iwlwifi/mvm/fw.c"], "versions": [{"version": "6.9", "status": "affected"}, {"version": "0", "lessThan": "6.9", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.22", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.12", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.9", "versionEndExcluding": "6.18.22"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.9", "versionEndExcluding": "6.19.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.9", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c0b3fa5e0eaecd38e6a9f8f78e86f468fbde719a"}, {"url": "https://git.kernel.org/stable/c/6607d0e58ceca997816122568ce54db9e134edab"}, {"url": "https://git.kernel.org/stable/c/323156c3541e23da7e582008a7ac30cd51b60acd"}], "title": "wifi: iwlwifi: mvm: don't send a 6E related command when not supported", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "21ACBF2B-16E4-4D78-AB62-463FB9D3152C", "versionEndExcluding": "6.18.22", "versionStartIncluding": "6.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A2B9540-02D5-41B4-B16A-82AF66FD4F36", "versionEndExcluding": "6.19.12", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*", "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't send a 6E related command when not supported\n\nMCC_ALLOWED_AP_TYPE_CMD is related to 6E support. Do not send it if the\ndevice doesn't support 6E.\nApparently, the firmware is mistakenly advertising support for this\ncommand even on AX201 which does not support 6E and then the firmware\ncrashes."}], "id": "CVE-2026-43325", "lastModified": "2026-05-15T18:08:46.410", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-05-08T14:16:41.207", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/323156c3541e23da7e582008a7ac30cd51b60acd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6607d0e58ceca997816122568ce54db9e134edab"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c0b3fa5e0eaecd38e6a9f8f78e86f468fbde719a"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: wifi: iwlwifi: mvm: don't send a 6E related command when not supported", "id": "2468049", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2468049"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["A flaw was found in the Linux kernel's iwlwifi driver. This vulnerability occurs when the driver attempts to send a Wi-Fi 6E (6th Generation Extended) related command, specifically `MCC_ALLOWED_AP_TYPE_CMD`, to a device that does not support Wi-Fi 6E. Due to the device's firmware mistakenly advertising support for this command, sending it can lead to a firmware crash. This could result in a Denial of Service (DoS) for the affected Wi-Fi functionality."], "name": "CVE-2026-43325", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-05-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-43325\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-43325\nhttps://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43325.mbox"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0d2fc8821a7d667180ce27732697105db843a1b9,c0b3fa5e0eaecd38e6a9f8f78e86f468fbde719a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0d2fc8821a7d667180ce27732697105db843a1b9,6607d0e58ceca997816122568ce54db9e134edab)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0d2fc8821a7d667180ce27732697105db843a1b9,323156c3541e23da7e582008a7ac30cd51b60acd)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.9"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.9)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.22,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.12,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-05-08T19:30:05.521936+00:00", "updated": "2026-05-15T20:00:07.920860+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-20"]}