PT-2025-51667 · Realtek+4 · Rtl8723Bs+4

Published

2025-11-20

·

Updated

2026-05-11

·

CVE-2025-68254

CVSS v2.0

2.7

Low

VectorAV:A/AC:L/Au:S/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw in the staging driver for rtl8723bs related to handling Extended Supported Rates (ESR) Information Elements (IE) within beacon frames. A malformed beacon frame, specifically one with an ESR IE positioned at the end of the buffer, could lead to an out-of-bounds read. This could potentially cause a kernel panic. The issue arises from accessing memory locations *(p + 1 + ielen) and *(p + 2 + ielen) without verifying they are within the bounds of the received frame buffer. A boundary check has been added to prevent accessing memory outside the frame limits before attempting to read the ESR IE body and subsequent bytes.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Weakness Enumeration

CWE-125

Related Identifiers

AZL-72514
BDU:2026-03066
CVE-2025-68254
ECHO-7BFD-20A6-28DC
OPENSUSE-SU-2025:15836-1
OPENSUSE-SU-2026:10301-1
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0447-1
SUSE-SU-2026:0472-1
SUSE-SU-2026:0587-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8094-1
USN-8094-2
USN-8094-3
USN-8094-4
USN-8094-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8116-1
USN-8141-1
USN-8152-1
USN-8163-1
USN-8163-2
USN-8179-1
USN-8179-2
USN-8179-3
USN-8179-4
USN-8184-1
USN-8185-1
USN-8185-2
USN-8203-1
USN-8204-1
USN-8243-1
USN-8258-1
USN-8260-1
USN-8261-1
USN-8265-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu
Rtl8723Bs