CVE-2026-43159

MEDIUM

staging: rtl8723bs: fix null dereference in find_network

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix null dereference in find_network The variable pwlan has the possibility of being NULL when passed into rtw_free_network_nolock() which would later dereference the variable.

References (8)

Core 8

Core References

https://git.kernel.org/stable/c/3b1d0c9a1f78836d0bce6fdd37f596f22c19b03e

https://git.kernel.org/stable/c/1aa9c59f4b96a9056c02476c7ca89e96d15e0645

https://git.kernel.org/stable/c/48b4dec3a8bfd667cd0cd767eaf511176193e9a1

https://git.kernel.org/stable/c/cc3f83b6fb3773ad943365d1cd774b4ec050332e

https://git.kernel.org/stable/c/04d24a3654ed195485bc6346a9ef326fc494a34e

https://git.kernel.org/stable/c/677490a6bd4c63acdf6f48e4aaf6a23d7e6a446f

https://git.kernel.org/stable/c/7fa16ffed2b9d9d44940990c1f31159770769aeb

https://git.kernel.org/stable/c/41460a19654c32d39fd0e3a3671cd8d4b7b8479f

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (19)

Linux/Linux < 4.12

Linux/Linux 4.12

Linux/Linux 5.10.253 - 5.10.*

Linux/Linux 5.15.202 - 5.15.*

Linux/Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b - 04d24a3654ed195485bc6346a9ef326fc494a34e

Linux/Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b - 1aa9c59f4b96a9056c02476c7ca89e96d15e0645

Linux/Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b - 3b1d0c9a1f78836d0bce6fdd37f596f22c19b03e

Linux/Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b - 41460a19654c32d39fd0e3a3671cd8d4b7b8479f

Linux/Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b - 48b4dec3a8bfd667cd0cd767eaf511176193e9a1

Linux/Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b - 677490a6bd4c63acdf6f48e4aaf6a23d7e6a446f

... and 9 more

Published May 06, 2026

Tracked Since May 06, 2026