Linux Kernel: static rx_result in mac80211 fast-RX causes packet misrouting
CVE-2026-46152 Published on May 28, 2026

wifi: mac80211: drop stray 'static' from fast-RX rx_result
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: drop stray 'static' from fast-RX rx_result ieee80211_invoke_fast_rx() is documented as safe for parallel RX, but its per-invocation rx_result is declared static. Concurrent callers then share one instance and can overwrite each other's result between ieee80211_rx_mesh_data() and the switch on res. That can make a packet that was queued or consumed by ieee80211_rx_mesh_data() fall through into ieee80211_rx_8023(), or make a packet that should continue return as queued. Make res an automatic variable so each invocation keeps its own result.

NVD

Vulnerability Analysis

CVE-2026-46152 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
LOCAL
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element

The code contains a function or method that operates in a multi-threaded environment but owns an unsafe non-final static storable or member data element.


Products Associated with CVE-2026-46152

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-46152 are published in these products:

 
 
 

Affected Versions

Linux: Linux: Red Hat Enterprise Linux AppStream (v. 10): Red Hat Enterprise Linux AppStream E4S (v.9.4): Red Hat Enterprise Linux AppStream (v. 9): Red Hat Enterprise Linux BaseOS (v. 10): Red Hat Enterprise Linux BaseOS (v. 8): Red Hat Enterprise Linux BaseOS E4S (v.9.4): Red Hat Enterprise Linux BaseOS (v. 9): Red Hat Enterprise Linux CodeReady Linux Builder (v. 10): Red Hat Enterprise Linux CRB (v. 8): Red Hat Enterprise Linux CodeReady Linux Builder (v. 9): Red Hat Enterprise Linux Real Time for NFV (v. 10): Red Hat Enterprise Linux NFV (v. 8): Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4): Red Hat Enterprise Linux Real Time for NFV (v. 9): Red Hat Enterprise Linux Real Time (v. 10): Red Hat Enterprise Linux RT (v. 8): Red Hat Enterprise Linux Real Time E4S (v.9.4): Red Hat Enterprise Linux Real Time (v. 9): Red Hat Enterprise Linux 9: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 6:

Exploit Probability

EPSS
0.28%
Percentile
19.11%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.