CVE-2026-20456
5.5 MEDIUMIn wlan STA driver, there is a possible system crash due to a missing bounds check
Published: 2026-06-01 · Last updated: 2026-06-01
Severity and scoring
- CVSS
- 5.5 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-787
Affected products
| Vendor | Product |
|---|---|
| mediatek | mt7902_firmware, mt7920_firmware, mt7921_firmware |
Description
In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-20455 — In geniezone, there is a possible out of bounds write due to a missing bounds check (7.8 HIGH)
- CVE-2026-20454 — In geniezone, there is a possible out of bounds write due to a race condition (6.4 MEDIUM)
- CVE-2026-20453 — In geniezone, there is a possible out of bounds write due to a missing bounds check (6.7 MEDIUM)
- CVE-2026-20452 — In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow (8.0 HIGH)
Same CWE
- CVE-2026-54410 — nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows ... (8.6 HIGH)
- CVE-2026-6676 — Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execu... (7.8 HIGH)
- CVE-2025-14098 — Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executab... (7.8 HIGH)
- CVE-2026-41157 — A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU ...
- CVE-2026-34195 — Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in t...