Packet ID Validation Issue in Linux Kernel's wl1251 Wireless Driver
CVE-2026-43113

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43113?

A vulnerability exists in the WL1251 wireless driver within the Linux kernel that fails to validate packet IDs before indexing the tx_frames array. The wl1251_tx_packet_cb() function incorrectly uses the firmware completion ID to index directly into a fixed array without proper checks. If completion IDs fall outside the expected range, this can lead to undefined behavior or potential access violations. To mitigate this, it is crucial to implement strict validation of completion IDs against the bounds of the tx_frames array to maintain the integrity of the completion process.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8d7465be5163a923ee5d7459719ef5a021c1584a

References

https://git.kernel.org/stable/c/b6ba1eacf276063ebeefbbae8...

https://git.kernel.org/stable/c/df15adc692a802636dd3f258f...

https://git.kernel.org/stable/c/8d7465be5163a923ee5d74597...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43113 Data

JSON