Home

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() The rtl8187_rx_cb() calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received packet (skb->len from urb->actual_length) is large enough to contain this header. If a truncated packet is received, this will lead to a buffer underflow, reading memory before the start of the skb data area, and causing a kernel panic. Add length checks for both rtl8187 and rtl8187b descriptor headers before attempting to access them, dropping the packet cleanly if the check fails.

PUBLISHED Reserved 2025-12-16 | Published 2025-12-24 | Updated 2026-02-09 | Assigner Linux

Product status

Default status
unaffected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 118e12bf3e4288cf845cd3759bd9d4c99f91aab5
affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 6a96bd0d94305fd04a6ac64446ec113bae289384
affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before e2f3ea15e804607e0a4a34a2f6c331c8750b68bc
affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before dc153401fb26c1640a2b279c47b65e1c416af276
affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 4758770a673c60d8f615809304d72e1432fa6355
affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 638d4148e166d114a4cd7becaae992ce1a815ed8
affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before 5ebf0fe7eaef9f6173a4c6ea77c5353e21645d15
affected

6f7853f3cbe457067e9fe05461f56c7ea4ac488c (git) before b647d2574e4583c2e3b0ab35568f60c88e910840
affected

Default status
affected

2.6.27
affected

Any version before 2.6.27
unaffected

5.10.248 (semver)
unaffected

5.15.198 (semver)
unaffected

6.1.160 (semver)
unaffected

6.6.120 (semver)
unaffected

6.12.63 (semver)
unaffected

6.17.13 (semver)
unaffected

6.18.2 (semver)
unaffected

6.19 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/118e12bf3e4288cf845cd3759bd9d4c99f91aab5

git.kernel.org/...c/6a96bd0d94305fd04a6ac64446ec113bae289384

git.kernel.org/...c/e2f3ea15e804607e0a4a34a2f6c331c8750b68bc

git.kernel.org/...c/dc153401fb26c1640a2b279c47b65e1c416af276

git.kernel.org/...c/4758770a673c60d8f615809304d72e1432fa6355

git.kernel.org/...c/638d4148e166d114a4cd7becaae992ce1a815ed8

git.kernel.org/...c/5ebf0fe7eaef9f6173a4c6ea77c5353e21645d15

git.kernel.org/...c/b647d2574e4583c2e3b0ab35568f60c88e910840

cve.org (CVE-2025-68362)

nvd.nist.gov (CVE-2025-68362)

Download JSON