CVE-2026-53178

HIGH

staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction Add guards to ensure ie_length is large enough before subtracting fixed IE offsets to prevent unsigned integer underflow.

Scores

CVSS v3 8.1
EPSS 0.0021
EPSS Percentile 11.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Details

CWE
CWE-191
Status published
Products (9)
linux/Kernel 5.15.0 - 7.0.13linux
Linux/Linux < 5.15
Linux/Linux 5.15
Linux/Linux 7.0.13 - 7.0.*
Linux/Linux 7.1
Linux/Linux d3fcee1b78a533c256077f1300dd236801397cf7 - 542d65a6dbd9733baab96313c9fe76a76e93f484
Linux/Linux d3fcee1b78a533c256077f1300dd236801397cf7 - 88e994c57a79f62d5338231d8d37ee8dd98baffe
linux/linux_kernel 7.1 rc1 (7 CPE variants)
linux/linux_kernel 5.15 - 7.0.13
Published Jun 25, 2026
Tracked Since Jun 25, 2026