-
CVE-2025-68256
- EPSS 0.04%
- Veröffentlicht 16.12.2025 14:44:58
- Zuletzt bearbeitet 18.04.2026 09:16:12
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser The Information Element (IE) parser rtw_get_ie() trusted the length byte of each IE without validating that the IE body (len bytes after the 2-byte header) fits inside the remaining frame buffer. A malformed frame can advertise an IE length larger than the available data, causing the parser to increment its pointer beyond the buffer end. This results in out-of-bounds reads or, depending on the pattern, an infinite loop. Fix by validating that (offset + 2 + len) does not exceed the limit before accepting the IE or advancing to the next element. This prevents OOB reads and ensures the parser terminates safely on malformed frames.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
554c0a3abf216c991c5ebddcdb2c08689ecd290b
Version <
9829c6e1b2e4180fd18315252ad6faeab6128076
Status
affected
Version
554c0a3abf216c991c5ebddcdb2c08689ecd290b
Version <
b977eb31802817f4a37da95bf16bfdaa1eeb5fc2
Status
affected
Version
554c0a3abf216c991c5ebddcdb2c08689ecd290b
Version <
30c558447e90935f0de61be181bbcedf75952e00
Status
affected
Version
554c0a3abf216c991c5ebddcdb2c08689ecd290b
Version <
a54e2b2db1b7de2e008b4f62eec35aaefcc663c5
Status
affected
Version
554c0a3abf216c991c5ebddcdb2c08689ecd290b
Version <
df191dd9f4c7249d98ada55634fa8ac19089b8cb
Status
affected
Version
554c0a3abf216c991c5ebddcdb2c08689ecd290b
Version <
c0d93d69e1472ba75b78898979b90a98ba2a2501
Status
affected
Version
554c0a3abf216c991c5ebddcdb2c08689ecd290b
Version <
154828bf9559b9c8421fc2f0d7f7f76b3683aaed
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
4.12
Status
affected
Version
0
Version <
4.12
Status
unaffected
Version <=
5.15.*
Version
5.15.203
Status
unaffected
Version <=
6.1.*
Version
6.1.160
Status
unaffected
Version <=
6.6.*
Version
6.6.120
Status
unaffected
Version <=
6.12.*
Version
6.12.62
Status
unaffected
Version <=
6.17.*
Version
6.17.12
Status
unaffected
Version <=
6.18.*
Version
6.18.1
Status
unaffected
Version <=
*
Version
6.19
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.131 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|