CVE-2026-53178
8.1
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction
Add guards to ensure ie_length is large enough before subtracting fixed IE offsets to prevent unsigned integer underflow.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d3fcee1b78a533c256077f1300dd236801397cf7 < 542d65a6dbd9733baab96313c9fe76a76e93f484 | affected |
| Linux | Linux | d3fcee1b78a533c256077f1300dd236801397cf7 < 88e994c57a79f62d5338231d8d37ee8dd98baffe | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 7.0.13 <= 7.0.* | unaffected |
| Linux | Linux | 7.1 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/542d65a6dbd9733baab96313c9fe76a76e93f484
- https://git.kernel.org/stable/c/88e994c57a79f62d5338231d8d37ee8dd98baffe
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.