CVE-2026-43386

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie The current code checks 'i + 5 < in_len' at the end of the if statement. However, it accesses 'in_ie[i + 5]' before that check, which can lead to an out-o...

high 7.1 CVSS 3.1

Published: May 8, 2026

Modified: May 26, 2026

Vendor: Linux

Product: Linux Kernel

Versions: 7.0

Description

In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie

The current code checks 'i + 5 < in_len' at the end of the if statement.
However, it accesses 'in_ie[i + 5]' before that check, which can lead
to an out-of-bounds read. Move the length check to the beginning of the
conditional to ensure the index is within bounds before accessing the
array.

References

Related CVEs

CVSS Breakdown

Version	3.1
Score	7.1 / 10
Severity	high

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Weakness (CWE)

CWE-125

Affected Product

Vendor	Linux
Product	Linux Kernel
Versions	7.0