CVE-2026-53178
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk12th percentile — higher than 12% of all known CVEs
Summary
In the Linux kernel, the rtl8723bs staging driver for Realtek WiFi chipsets lacks bounds checks before subtracting fixed IE offsets from ie_length, which can cause unsigned integer underflow.
Risk Assessment
An attacker could exploit this vulnerability to trigger undefined driver behavior, potentially leading to system crash or privilege escalation in kernel context.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit adding bounds checks before subtraction in rtw_mlme).
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction Add guards to ensure ie_length is large enough before subtracting fixed IE offsets to prevent unsigned integer underflow.

