CVE-2025-71100

HIGH

Linux kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() TID getting from ieee80211_get_tid() might be out of range of array size of sta_entry->tids[], so check TID is less than MAX_TID_COUNT. Othwerwise, UBSAN warn: UBSAN: array-index-out-of-bounds in drivers/net/wireless/realtek/rtlwifi/rtl8192cu/trx.c:514:30 index 10 is out of range for type 'rtl_tid_data [9]'

References (3)

[Patch] https://git.kernel.org/stable/c/90a15ff324645aa806d81fa349497cd964861b66

[Patch] https://git.kernel.org/stable/c/9765d6eb8298b07d499cdf9ef7c237d3540102d6

[Patch] https://git.kernel.org/stable/c/dd39edb445f07400e748da967a07d5dca5c5f96e

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 4.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-129

Status published

Products (13)

linux/Kernel 6.13.0 - 6.18.4linux

linux/Kernel 6.9.0 - 6.12.64linux

Linux/Linux < 6.9

Linux/Linux 6.12.64 - 6.12.*

Linux/Linux 6.18.4 - 6.18.*

Linux/Linux 6.19

Linux/Linux 6.9

Linux/Linux 8ca4cdef93297c9b9bf08da39bc940bd20acbb94 - 90a15ff324645aa806d81fa349497cd964861b66

Linux/Linux 8ca4cdef93297c9b9bf08da39bc940bd20acbb94 - 9765d6eb8298b07d499cdf9ef7c237d3540102d6

Linux/Linux 8ca4cdef93297c9b9bf08da39bc940bd20acbb94 - dd39edb445f07400e748da967a07d5dca5c5f96e

... and 3 more

Published Jan 13, 2026

Tracked Since Feb 18, 2026