Stack Buffer Overflow Vulnerability in Linux Kernel Staging Product by Linux Foundation
CVE-2025-68255

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68255?

A stack buffer overflow vulnerability has been identified in the Linux kernel, specifically in the staging driver for rtl8723bs, related to the parsing of OnAssocReq Information Elements (IE). When an incoming Association Request frame contains a Supported Rates IE length that exceeds the size of a fixed 16-byte stack buffer (supportRate), a malicious actor can exploit this flaw. This vulnerability allows the attacker to potentially corrupt the kernel stack, which may lead to various operational and security risks. To mitigate this risk, the implementation has been updated to clamp the IE length to the buffer size before executing the memcpy() operation and refine the bounds check when merging Extended Supported Rates. These corrective actions aim to prevent further stack corruption issues originating from malformed association requests.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b < 49b7806851f93fd342838c93f4f765e0cc5029b0

Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b < 4445adedae770037078803d1ce41f9e88a1944b6

Linux 554c0a3abf216c991c5ebddcdb2c08689ecd290b

References

https://git.kernel.org/stable/c/49b7806851f93fd342838c93f...
https://git.kernel.org/stable/c/4445adedae770037078803d1c...
https://git.kernel.org/stable/c/d129dc2a5d59b4d9cd2cc0b6e...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.