CVE-2026-43387

EUVD-2026-28693
In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8723bs: properly validate the data in rtw_get_ie_ex()

Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-of-bounds
read in rtw_get_ie() parser"), we don't trust the data in the frame so
we should check the length better before acting on it
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
6.1.170-1
fixed
bullseye
vulnerable
bullseye (security)
vulnerable
forky
6.19.14-1
fixed
sid
7.0.4-1
fixed
trixie
vulnerable
trixie (security)
6.12.86-1
fixed
References
https://git.kernel.org/stable/c/35969c3a208a07cb8642301df5869c34e2db7071
https://git.kernel.org/stable/c/6d62fa548387e159a21ea95132c09bfc96d336ed
https://git.kernel.org/stable/c/740bca8bbdb707c0e4bb11e3316deb2f04fc7ce1
https://git.kernel.org/stable/c/8097a48c606a9306281ea7bd73bf2afc97553733
https://git.kernel.org/stable/c/821f7d759fb2de33c5e5b0c4981181c4d0c3e9b1
https://git.kernel.org/stable/c/9a4cd4c37593cc8b8d28f9a6732b490a8032006a
https://git.kernel.org/stable/c/ac38856092b4c994f94343251b30520bdeb7f475
https://git.kernel.org/stable/c/f0109b9d3e1e455429279d602f6276e34689750a