CVE-2026-43386
Analyzed Analyzed - Analysis Complete
Out-of-Bounds Read in Linux Kernel RTL8723BS WiFi Driver

Publication date: 2026-05-08

Last updated on: 2026-05-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie The current code checks 'i + 5 < in_len' at the end of the if statement. However, it accesses 'in_ie[i + 5]' before that check, which can lead to an out-of-bounds read. Move the length check to the beginning of the conditional to ensure the index is within bounds before accessing the array.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-26
Generated
2026-05-29
AI Q&A
2026-05-08
EPSS Evaluated
2026-05-28
NVD
CVE-2026-43386
EUVD
EUVD-2026-28692
Affected Vendors & Products
Showing 10 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 6.2 (inc) to 6.6.130 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.203 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.167 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.19 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.78 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.9 (exc)
linux linux_kernel From 4.12 (inc) to 5.10.253 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Linux kernel's staging driver rtl8723bs. The issue is a potential out-of-bounds read caused by accessing an array element before verifying that the index is within the valid range. Specifically, the code accesses 'in_ie[i + 5]' before checking if 'i + 5' is less than the input length, which can lead to reading memory outside the intended bounds.

The fix involves moving the length check to the beginning of the conditional statement to ensure the index is within bounds before accessing the array.


How can this vulnerability impact me? :

An out-of-bounds read vulnerability can potentially lead to information disclosure or cause a system crash if the kernel reads invalid memory. However, the exact impact depends on how the vulnerable code is used and whether an attacker can exploit this to gain sensitive information or disrupt system operations.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is caused by an out-of-bounds read in the rtl8723bs staging driver in the Linux kernel. To mitigate this vulnerability, you should update your Linux kernel to a version where this issue has been fixed.

Specifically, ensure that the kernel includes the fix that moves the length check to the beginning of the conditional to prevent accessing out-of-bounds array indices.

If updating the kernel immediately is not possible, consider disabling the rtl8723bs driver or the affected functionality temporarily to reduce risk.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart