Slab-Out-of-Bounds Vulnerability in Linux Kernel's rtl8xxxu Driver
CVE-2025-71234
What is CVE-2025-71234?
The rtl8xxxu driver in the Linux kernel does not set 'hw->sta_data_size', so too little memory is allocated for the driver’s private station data when a station connects. The driver's use of that private data then results in a slab-out-of-bounds write. Systems using the RTL8192EU adapter are potentially exploitable; the issue was demonstrated in KASAN reports on the VisionFive 2 board. The kernel must configure 'hw->sta_data_size' appropriately so that adequate memory is allocated for the private data.
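The sizing contract described above, as an added userland model (not code from the kernel or the driver): the stack reserves only as many private bytes as the driver declares, so a declared size of 0 leaves no room for the driver's per-station struct. All `model_*` names and the struct fields are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-ins, not the kernel's definitions. */
struct model_hw { size_t sta_data_size; };   /* models hw->sta_data_size */
struct model_sta {
    unsigned char addr[6];
    size_t alloc_size;                       /* bookkeeping for this model only */
    unsigned char drv_priv[];                /* driver private area at the tail */
};
struct model_drv_sta_info { void *vif; unsigned int macid; }; /* hypothetical */

/* Stack side: station entry plus exactly the private size the driver declared. */
struct model_sta *model_sta_alloc(const struct model_hw *hw)
{
    size_t total = sizeof(struct model_sta) + hw->sta_data_size;
    struct model_sta *sta = calloc(1, total);
    if (sta)
        sta->alloc_size = total;
    return sta;
}

/* Bytes actually reserved behind drv_priv. */
size_t model_priv_room(const struct model_sta *sta)
{
    return sta->alloc_size - offsetof(struct model_sta, drv_priv);
}

/* Driver side: 0 on success, -1 if the private struct would not fit.
 * Without this guard, the memcpy is the out-of-bounds write. */
int model_drv_sta_add(struct model_sta *sta, unsigned int macid)
{
    struct model_drv_sta_info info = { .vif = NULL, .macid = macid };
    if (model_priv_room(sta) < sizeof(info))
        return -1;
    memcpy(sta->drv_priv, &info, sizeof(info));
    return 0;
}

/* One station connect with a given declared private size; -2 on alloc failure. */
int model_connect(size_t declared_size)
{
    struct model_hw hw = { .sta_data_size = declared_size };
    struct model_sta *sta = model_sta_alloc(&hw);
    if (!sta)
        return -2;
    int rc = model_drv_sta_add(sta, 1);
    free(sta);
    return rc;
}

int main(void)
{
    printf("size unset: %d\n", model_connect(0));
    printf("size set:   %d\n", model_connect(sizeof(struct model_drv_sta_info)));
    return 0;
}
```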

Affected Version(s)
Linux eef55f1545c92c7181d5083453dee1296298ad3e < 5d810ba377eddee95d30766d360a14efbb3d1872
Linux eef55f1545c92c7181d5083453dee1296298ad3e < 116f7bd8160c6b37d1c6939385abf90f6f6ed2f5
Linux eef55f1545c92c7181d5083453dee1296298ad3e < 9a0f3fa6ecd0c9c32dbc367a57482bbf7c7d25bf