CVE-2025-71234
- ULN >
- Oracle Linux CVE repository >
- CVE-2025-71234
CVE Details
| Release Date: | 2026-02-18 | |
| Impact: | Low | What is this? |
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in __sta_info_alloc(). When rtl8xxxu_sta_add() accesses members of struct rtl8xxxu_sta_info through sta->drv_priv, this results in a slab-out-of-bounds write. KASAN report on RISC-V (VisionFive 2) with RTL8192EU adapter: BUG: KASAN: slab-out-of-bounds in rtl8xxxu_sta_add+0x31c/0x346 Write of size 8 at addr ffffffd6d3e9ae88 by task kworker/u16:0/12 Set hw->sta_data_size to sizeof(struct rtl8xxxu_sta_info) during probe, similar to how hw->vif_data_size is configured. This ensures mac80211 allocates sufficient space for the driver's per-station private data. Tested on StarFive VisionFive 2 v1.2A board.
See more information about CVE-2025-71234 from MITRE CVE dictionary and NIST NVD
NOTE: The following CVSS metrics and score provided are preliminary and subject to review.
CVSS v3 metrics
| Base Score: | 5.8 |
| Vector String: | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H |
| Version: | 3.1 |
| Attack Vector: | Local |
| Attack Complexity: | High |
| Privileges Required: | Low |
| User Interaction: | None |
| Scope: | Unchanged |
| Confidentiality Impact: | Low |
| Integrity Impact: | Low |
| Availability Impact: | High |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 10 (kernel-uek) | ELSA-2026-50160 | 2026-03-20 |
| Oracle Linux version 9 (kernel-uek) | ELSA-2026-50160 | 2026-03-20 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
