CVE-2026-23073

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory corruption issue exists in the Linux kernel related to WiFi drivers. Specifically, the RSI911x driver does not correctly set the size of the vif driver data within the ieee80211 vif structure. This leads to out-of-bounds access and potential memory corruption when the driver attempts to store its vif priv data structure. The issue can be triggered by bringing the wlan0 interface up and down in quick succession. A write operation to vif->drv priv corrupts the new flows member of the fq tin structure, potentially leading to a crash when accessing a bogus address in the fq tin reset() function. The vulnerable function is rsi mac80211 add interface().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2026-23073

ECHO-9143-8DE4-ECC3

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:0962-1

SUSE-SU-2026:1081-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21284-1

USN-8162-1

USN-8180-1

USN-8180-2

USN-8180-3

USN-8180-4

USN-8180-5

USN-8180-6

USN-8186-1

USN-8187-1

USN-8188-1

USN-8243-1

USN-8275-1

USN-8278-1

USN-8278-2

USN-8289-1

USN-8289-2

USN-8296-1

USN-8296-2

USN-8297-1

Affected Products

Linuxmint

Linux Kernel

Rsi911X

Ubuntu

CVE-2026-23073

Weakness Enumeration

Related Identifiers

Affected Products

References · 2160