Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl8xxxu: Fixed a slab-out-of-bounds issue in rtl8xxxustaadd. The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for the driver’s private station data in stainfoalloc. When...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl8xxxu: Added cancelworksync for c2hcmdwork. The workqueue may still be running when the driver is stopped. To avoid a use-after-free, call cancelworksync in rtl8xxxustop...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50160)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50160 advisory. - mm/hugetlb: fix hugetlbpmdshared David Hildenbrand Orabug: 38931087 CVE-2026-23100 - platform/x86: classmate-laptop: Add missing NULL pointer...

SUSE CVE-2025-71234

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

CVE-2025-71234

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

CVE-2025-71234

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

CVE-2025-71234 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

CVE-2025-71234

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

CVE-2025-71234

CVE-2025-71234: Linux kernel rtl8xxxu slab-out-of-bounds in rtl8xxxu_sta_add fixed by setting hw->sta_data_size to sizeof(struct rtl8xxxu_sta_info) during probe to correctly allocate per-station data. Issue caused mac80211 to access sta->drv_priv beyond allocated space; KASAN showed a slab-...

CVE-2025-71234

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

CVE-2025-71234 wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

Linux Distros Unpatched Vulnerability : CVE-2025-71234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004018 advisory. A memory leak in the rtl8xxxusubmitinturb function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxucore.c in the Linux kernel through 5.3.11 allows attackers to cau...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004164 advisory. A memory leak in the rtl8xxxusubmitinturb function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxucore.c in the Linux kernel through 5.3.11 allows attackers to cau...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000441)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000441 advisory. A memory leak in the rtl8xxxusubmitinturb function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxucore.c in the Linux kernel through 5.3.11 allows attackers to cau...

CVE-2023-54036

A flaw was found in the Linux kernel's Wi-Fi driver for certain Realtek chips. This vulnerability allows a local attacker to cause a system to run out of memory, leading to a Denial of Service DoS. The issue occurs because the driver does not correctly free memory associated with Card-to-Host C2H...

SUSE CVE-2023-54036

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU The wifi + bluetooth combo chip RTL8723BU can leak memory especially? when it's connected to a bluetooth audio device. The busy bluetooth traffic generates lots of C2H ca...

Linux Distros Unpatched Vulnerability : CVE-2023-54036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU The wifi + bluetooth combo chip RTL8723BU can leak memory especially? when it's connected to a...

CVE-2023-54036

Summary (CVE-2023-54036) : In the Linux kernel, the wifi/rtl8xxxu stack (RTL8723BU and RTL8192EU) leaked memory due to C2H messages not being freed. The fix moves the dev_kfree_skb() call inside the loop that processes C2H messages in rtl8xxxu_c2hcmd_callback(). The RTL8192EU path previously left...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the rtl8xxxu driver not properly handling C2H messages, which could lead to a memory leak...