CVE-2025-68362 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() The rtl8187_rx_cb() calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received packet (skb->len from urb->actual_length) is large enough to contain this header. If a truncated packet is received, this will lead to a buffer underflow, reading memory before the start of the skb data area, and causing a kernel panic. Add length checks for both rtl8187 and rtl8187b descriptor headers before attempting to access them, dropping the packet cleanly if the check fails.

PUBLISHED Reserved 2025-12-16 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status

unaffected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 4758770a673c60d8f615809304d72e1432fa6355

affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 638d4148e166d114a4cd7becaae992ce1a815ed8

affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 5ebf0fe7eaef9f6173a4c6ea77c5353e21645d15

affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before b647d2574e4583c2e3b0ab35568f60c88e910840

affected

Default status

affected

2.6.27

affected

Any version before 2.6.27

unaffected

6.12.63 (semver)

unaffected

6.17.13 (semver)

unaffected

6.18.2 (semver)

unaffected

6.19-rc1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/4758770a673c60d8f615809304d72e1432fa6355

git.kernel.org/...c/638d4148e166d114a4cd7becaae992ce1a815ed8

git.kernel.org/...c/5ebf0fe7eaef9f6173a4c6ea77c5353e21645d15

git.kernel.org/...c/b647d2574e4583c2e3b0ab35568f60c88e910840

cve.org (CVE-2025-68362)

nvd.nist.gov (CVE-2025-68362)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu