PT-2026-37423 · Linux · Linux Kernel
Published
2026-05-06
·
Updated
2026-05-08
·
CVE-2026-43113
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux Kernel (affected versions not specified)
Description
An out-of-bounds array access exists in the WiFi wl1251 driver. The
wl1251 tx packet cb() function uses a firmware completion ID, provided as a raw u8 from the completion block, to index the wl->tx frames[] array without verifying that the ID falls within the array's 16-entry limit.Recommendations
Restrict the use of the
wl1251 tx packet cb() function or the wl1251 driver until a patch is applied.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel