CVE-2025-68362

Linux Kernel - Buffer Underflow in rtl8187_rx_cb() via Truncated Packet

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() The rtl8187_rx_cb() calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received packet (skb->len from urb->actual_length) is large enough to contain this header. If a truncated packet is received, this will lead to a buffer underflow, reading memory before the start of the skb data area, and causing a kernel panic. Add length checks for both rtl8187 and rtl8187b descriptor headers before attempting to access them, dropping the packet cleanly if the check fails.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/e2f3ea15e804607e0a4a34a2f6c331c8750b68bc

Patch

https://git.kernel.org/stable/c/118e12bf3e4288cf845cd3759bd9d4c99f91aab5

Patch

https://git.kernel.org/stable/c/6a96bd0d94305fd04a6ac64446ec113bae289384

Patch

https://git.kernel.org/stable/c/dc153401fb26c1640a2b279c47b65e1c416af276

Patch

https://git.kernel.org/stable/c/4758770a673c60d8f615809304d72e1432fa6355

Patch

https://git.kernel.org/stable/c/638d4148e166d114a4cd7becaae992ce1a815ed8

Patch

https://git.kernel.org/stable/c/5ebf0fe7eaef9f6173a4c6ea77c5353e21645d15

Patch

https://git.kernel.org/stable/c/b647d2574e4583c2e3b0ab35568f60c88e910840

Scores

EPSS 0.0005

EPSS Percentile 15.3%

Details

Status published

Products (25)

linux/Kernel 2.6.27 - 5.10.248linux

linux/Kernel 5.11.0 - 5.15.198linux

linux/Kernel 5.16.0 - 6.1.160linux

linux/Kernel 6.13.0 - 6.17.13linux

linux/Kernel 6.18.0 - 6.18.2linux

linux/Kernel 6.2.0 - 6.6.120linux

linux/Kernel 6.7.0 - 6.12.63linux

Linux/Linux < 2.6.27

Linux/Linux 2.6.27

Linux/Linux 5.10.248 - 5.10.*

... and 15 more

Published Dec 24, 2025

Tracked Since Feb 18, 2026