MM-SA-2026-002 Security Advisory
Heap buffer overflow in dot11ah.ko S1G Capabilities IE processing
CVE | CVE-2026-7762 |
Severity | High (CVSS v3.1 8.8) |
Fixed in | HaLowLink 2 software version 2.11.13 |
Status | Resolved |
Summary
A heap buffer overflow in the dot11ah.ko HaLow Wi-Fi kernel driver allows an unauthenticated attacker within radio range to cause a denial of service or potentially achieve remote code execution via a crafted 802.11ah beacon or probe response containing a malformed S1G Capabilities Information Element.
Affected products
Product | Affected versions | Fixed version |
|---|---|---|
HaLowLink 2 | All versions prior to 2.11.13 | 2.11.13 |
Customers using
dot11ah.ko in their own Linux integrations should treat their integration as affected if the driver source corresponds to a Morse Micro driver release predating 2.11.13. Contact security@morsemicro.com for patched source.Action
Upgrade HaLowLink 2 software to 2.11.13 or later.
Acknowledgements
Reported to Morse Micro through Bugcrowd. Morse Micro thanks the researcher for responsible disclosure.
