CVE-2026-24803
📋 TL;DR
This CVE describes an infinite loop vulnerability in the mt7615d Wi-Fi driver security modules of the coolsnowwolf LEDE firmware. Attackers could cause denial of service by triggering the infinite loop, affecting systems running vulnerable LEDE firmware versions. This impacts routers and embedded devices using this specific driver component.
💻 Affected Systems
- coolsnowwolf LEDE firmware with mt7615d driver
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system lockup requiring physical power cycle, rendering the device unusable until rebooted.
Likely Case
Wi-Fi functionality disruption affecting connected clients, potentially requiring device reboot to restore service.
If Mitigated
Limited impact if the vulnerable driver component is not actively used or if traffic filtering prevents exploitation attempts.
🎯 Exploit Status
Exploitation requires sending specially crafted packets to the Wi-Fi interface. No authentication needed if attacker has network access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after r25.10.1
Vendor Advisory: https://github.com/coolsnowwolf/lede/pull/13346
Restart Required: Yes
Instructions:
1. Update LEDE firmware to version after r25.10.1. 2. Apply the patch from GitHub PR #13346. 3. Reboot the device to load the patched driver.
🔧 Temporary Workarounds
Disable vulnerable Wi-Fi interface
linuxTemporarily disable the mt7615d Wi-Fi interface to prevent exploitation
uci set wireless.@wifi-device[0].disabled=1
uci commit wireless
/etc/init.d/network restart
🧯 If You Can't Patch
- Implement network segmentation to isolate Wi-Fi networks from untrusted networks
- Use firewall rules to restrict access to Wi-Fi management interfaces
🔍 How to Verify
Check if Vulnerable:
Check LEDE version with 'cat /etc/openwrt_release' and verify if using mt7615d driver via 'lsmod | grep mt7615'Check Version:
cat /etc/openwrt_release | grep DISTRIB_RELEASEVerify Fix Applied:
Verify firmware version is newer than r25.10.1 and check that the bn_lib.C file has been updated with the fix📡 Detection & Monitoring
Log Indicators:
- Kernel logs showing driver crashes or hangs
- System logs indicating Wi-Fi interface failures
Network Indicators:
- Unusual packet patterns targeting Wi-Fi management frames
- Sudden loss of Wi-Fi connectivity
SIEM Query:
source="kernel" AND ("mt7615" OR "Wi-Fi driver") AND ("hang" OR "crash" OR "infinite loop")