CVE Catalog

CVE-2026-53179

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

In the Linux kernel, a buffer over-read vulnerability was found in the staging driver rtl8723bs in the rtw_update_protection function. The function is called with a pointer offset into the ies buffer but the full ie_length is passed, potentially causing a read beyond the allocated buffer.

Risk Assessment

The risk involves potential leakage of sensitive kernel memory data or system instability, which could be exploited by a local attacker for privilege escalation or denial of service.

Recommendation

It is recommended to immediately update the Linux kernel to a version containing the fix for CVE-2026-53179. Monitor official security advisories from your distribution and apply the appropriate patches.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix buffer over-read in rtw_update_protection rtw_update_protection() is called with a pointer offset into the ies buffer but the full ie_length is passed, causing a potential buffer over-read.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS