9 matches found
CVE-2026-43386 staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential out-of-bounds read in rtwrestructwmmie The current code checks 'i + 5 inlen' at the end of the if statement. However, it accesses 'iniei + 5' before that check, which can lead to an out-of-bounds...
CVE-2026-43225 staging: rtl8723bs: fix memory leak on failure path
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix memory leak on failure path cfg80211informbssframe may return NULL on failure. In that case, the allocated buffer 'buf' is not freed and the function returns early, leading to potential memory leak. Fix th...
CVE-2025-68256 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtwgetie parser The Information Element IE parser rtwgetie trusted the length byte of each IE without validating that the IE body len bytes after the 2-byte header fits inside the...
CVE-2022-50384 staging: vme_user: Fix possible UAF in tsi148_dma_list_add
In the Linux kernel, the following vulnerability has been resolved: staging: vmeuser: Fix possible UAF in tsi148dmalistadd Smatch report warning as follows: drivers/staging/vmeuser/vmetsi148.c:1757 tsi148dmalistadd warn: '&entry-list' not removed from list In tsi148dmalistadd, the error path "got...
CVE-2022-50355 staging: vt6655: fix some erroneous memory clean-up loops
In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...
CVE-2025-38612
CVE-2025-38612 affects the Linux kernel staging driver fbtft (staging: fbtft). The vulnerability is due to a memory leak in fb_deferred_io_init() where memory allocated for info->pagerefs in the fb_info error path was not freed after fb_info allocation completed. The fix adds the cleanup on th...
UBUNTU-CVE-2022-49405
In the Linux kernel, the following vulnerability has been resolved: staging: r8188eu: prevent -Ssid overflow in rtwwxsetscan This code has a check to prevent read overflow but it needs another check to prevent writing beyond the end of the -Ssid array...
CVE-2022-49298
CVE-2022-49298 : Linux kernel staging rtl8712 driver fix for uninitialized mac[6] in r871xu_drv_init() after tmpU1b from r8712_read8(padapter, EE_9346CR) == 0. KMSAN reported uninit-value in that function and call chain (usb_intf.c:541; usb_probe_interface; device probing). Concrete details are p...
The vulnerability of the staging component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the staging component of the Linux operating system’s kernel is related to zero-division errors. Exploiting this vulnerability can allow an attacker to cause a service failure...