PT-2025-44725 · Realtek+2 · Rtl8192Eu+3

Published: 2025-01-01 · Updated: 2026-03-26 · CVE-2025-71234

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
NGINX versions 1.26.x

Description
The Linux kernel driver for Realtek 8xxxU wireless adapters contains a flaw where insufficient space is allocated for driver private station data, leading to a slab-out-of-bounds write when accessing members of the rtl8xxxu_sta_info structure through sta->drv_priv. This issue was identified through KASAN reports on RISC-V systems with a RTL8192EU adapter. The fix involves setting hw->sta_data_size to the size of the rtl8xxxu_sta_info structure during probe.
NGINX versions 1.26.x are affected by a critical remote code execution issue due to an unauthorized path traversal that can lead to root shell access.

Recommendations
Linux kernel: Ensure hw->sta_data_size is set to sizeof(struct rtl8xxxu_sta_info) during probe.
NGINX versions 1.26.x: Apply the patch available at the provided link.
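
The sizing relationship behind the Linux kernel issue described above, as an added userspace model (not the driver's or the kernel's code): the station object is allocated as a header plus the driver-declared private size, so a private struct larger than that size lands outside the allocation. The `model_*` types, their fields, and the unset size being 0 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace stand-ins (assumptions), not the kernel's definitions. */
struct model_hw { size_t sta_data_size; };   /* models hw->sta_data_size */
struct model_sta {                           /* models the station object */
    void *owner;                             /* hypothetical header field */
    unsigned char drv_priv[];                /* driver area follows the header */
};
struct model_sta_info { void *vif; unsigned char macid; }; /* hypothetical fields */

/* The station object is sized as header + hw->sta_data_size. */
static size_t sta_alloc_size(const struct model_hw *hw)
{
    return sizeof(struct model_sta) + hw->sta_data_size;
}

/* Bytes of a priv_size-byte private struct that fall outside the allocation. */
static size_t drv_priv_overrun(const struct model_hw *hw, size_t priv_size)
{
    return priv_size > hw->sta_data_size ? priv_size - hw->sta_data_size : 0;
}

/* Writes through drv_priv only when the allocation covers the struct. */
static int set_macid(const struct model_hw *hw, struct model_sta *sta, unsigned char id)
{
    if (drv_priv_overrun(hw, sizeof(struct model_sta_info)))
        return -1;                           /* would be the out-of-bounds write */
    ((struct model_sta_info *)sta->drv_priv)->macid = id;
    return 0;
}

/* fixed == 0 models a probe that never sets sta_data_size (left at 0 here). */
static int demo(int fixed)
{
    struct model_hw hw = { fixed ? sizeof(struct model_sta_info) : 0 };
    struct model_sta *sta = calloc(1, sta_alloc_size(&hw));
    if (!sta)
        return -2;
    int rc = set_macid(&hw, sta, 1);
    free(sta);
    return rc;
}

int main(void) { printf("unpatched=%d fixed=%d\n", demo(0), demo(1)); return 0; }
```
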

Exploit

Fix

RCE

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2025-71234
ECHO-6279-D794-F734
OPENSUSE-SU-2026:10387-1
OPENSUSE-SU-2026:20416-1
SUSE-SU-2026:0962-1
SUSE-SU-2026:1081-1
SUSE-SU-2026:20667-1
SUSE-SU-2026:20720-1
SUSE-SU-2026:20838-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
SUSE-SU-2026:20931-1
SUSE-SU-2026:21284-1

Affected Products

Linux Kernel
Nginx
Rtl8192Eu
Realtek 8Xxxu