15 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed an out-of-bounds read during the parsing of the OnBeacon Extended Supported Rates ESR extension. The handling of the ESR extension during the OnBeacon phase involves accessing p + 1 + ielen and p + 2 +...
SUSE CVE-2025-68254
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...
EUVD-2025-203746
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...
CVE-2025-68254
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...
CVE-2025-68254
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...
UBUNTU-CVE-2025-68254
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...
UBUNTU-CVE-2025-68255
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...
CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...
CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...
CVE-2025-68254 staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...
CVE-2025-68254
The CVE refers to a Linux kernel vulnerability in the staging: rtl8723bs driver where Extended Supported Rates (ESR) IE handling in OnBeacon could perform out-of-bounds reads by accessing (p + 1 + ielen) and (p + 2 + ielen) without ensuring the ESR IE body and following bytes lie within the frame...
CVE-2025-68254 staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...
PT-2025-51668
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the rtl8723bs driver. Specifically, a stack buffer overflow can occur during the parsing of Supported Rates Information Element IE within...
CVE-2007-5448
Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial of service panic via a beacon frame with a large length value in the extended supported rates xrates element, which triggers an assertion error, related to net80211/ieee80211scanap.c and net80211/ieee80211scansta.c...
Code injection
Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial of service panic via a beacon frame with a large length value in the extended supported rates xrates element, which triggers an assertion error, related to net80211/ieee80211scanap.c and net80211/ieee80211scansta.c...