CVE-2025-71100

Published: Jan 13, 2026Modified: Mar 25, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() TID getting from ieee80211_get_tid() might be out of range of array size of sta_entry->tids[], so check TID is less than MAX_TID_COUNT. Othwerwise, UBSAN warn: UBSAN: array-index-out-of-bounds in drivers/net/wireless/realtek/rtlwifi/rtl8192cu/trx.c:514:30 index 10 is out of range for type 'rtl_tid_data [9]'

Affected (11)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.13 to 6.18.4
Linux Linux Kernel	From 6.9.1 to 6.12.64
Linux Linux Kernel	Version 6.19 rc1
Linux Linux Kernel	Version 6.19 rc2
Linux Linux Kernel	Version 6.19 rc3
Linux Linux Kernel	Version 6.19 rc4
Linux Linux Kernel	Version 6.19 rc5
Linux Linux Kernel	Version 6.19 rc6
Linux Linux Kernel	Version 6.19 rc7
Linux Linux Kernel	Version 6.19 rc8
Linux Linux Kernel	Version 6.9

Related CWEs

CWE-129

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (3)

https://git.kernel.org/stable/c/90a15ff324645aa806d81fa349497cd964861b66

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/9765d6eb8298b07d499cdf9ef7c237d3540102d6

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/dd39edb445f07400e748da967a07d5dca5c5f96e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.