CVE-2025-68256

Dec. 18, 2025, 3:08 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser The Information Element (IE) parser rtw_get_ie() trusted the length byte of each IE without validating that the IE body (len bytes after the 2-byte header) fits inside the remaining frame buffer. A malformed frame can advertise an IE length larger than the available data, causing the parser to increment its pointer beyond the buffer end. This results in out-of-bounds reads or, depending on the pattern, an infinite loop. Fix by validating that (offset + 2 + len) does not exceed the limit before accepting the IE or advancing to the next element. This prevents OOB reads and ensures the parser terminates safely on malformed frames.

Product(s) Impacted

Product Versions

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/154828bf9559b9c8421fc2f0d7f7f76b3683aaed
https://git.kernel.org/stable/c/a54e2b2db1b7de2e008b4f62eec35aaefcc663c5
https://git.kernel.org/stable/c/c0d93d69e1472ba75b78898979b90a98ba2a2501
https://git.kernel.org/stable/c/df191dd9f4c7249d98ada55634fa8ac19089b8cb

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-16
CVE-2025-68256

Timeline

Published: Dec. 16, 2025, 3:15 p.m.
Last Modified: Dec. 18, 2025, 3:08 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.