CVE-2026-43387

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser"), we don't trust the data in the frame so we should check the ...

medium 5.5 CVSS 3.1
Published: May 8, 2026
Modified: May 26, 2026
Vendor: Linux
Product: Linux Kernel
Versions: 7.0

Description

In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8723bs: properly validate the data in rtw_get_ie_ex()

Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-of-bounds
read in rtw_get_ie() parser"), we don't trust the data in the frame so
we should check the length better before acting on it

References

Related CVEs

CVE-2026-43500 high · 7.8
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_
CVE-2026-43416 medium · 5.5
In the Linux kernel, the following vulnerability has been resolved: powerpc, perf: Check that current->mm is alive before getting user callchain It may happen that mm is already
CVE-2026-43388 high · 7.8
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walk_control on inactive context in damos_walk() damos_walk() sets ctx->walk_control to t
CVE-2026-43389 medium · 5.5
In the Linux kernel, the following vulnerability has been resolved: mm: memfd_luo: always dirty all folios A dirty folio is one which has been written to. A clean folio is its o
CVE-2026-43390 medium · 5.5
In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see o
CVE-2026-43391 high · 8.8
In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to