{"id":"CVE-2025-68362","summary":"wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()\n\nThe rtl8187_rx_cb() calculates the rx descriptor header address\nby subtracting its size from the skb tail pointer.\nHowever, it does not validate if the received packet\n(skb-\u003elen from urb-\u003eactual_length) is large enough to contain this\nheader.\n\nIf a truncated packet is received, this will lead to a buffer\nunderflow, reading memory before the start of the skb data area,\nand causing a kernel panic.\n\nAdd length checks for both rtl8187 and rtl8187b descriptor headers\nbefore attempting to access them, dropping the packet cleanly if the\ncheck fails.","modified":"2026-03-31T17:29:23.741765Z","published":"2025-12-24T10:32:50.492Z","related":["SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:0473-1","SUSE-SU-2026:20207-1","SUSE-SU-2026:20220-1","SUSE-SU-2026:20228-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:10039-1","openSUSE-SU-2026:10301-1","openSUSE-SU-2026:20145-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68362.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/118e12bf3e4288cf845cd3759bd9d4c99f91aab5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4758770a673c60d8f615809304d72e1432fa6355"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5ebf0fe7eaef9f6173a4c6ea77c5353e21645d15"},{"type":"WEB","url":"https://git.kernel.org/stable/c/638d4148e166d114a4cd7becaae992ce1a815ed8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6a96bd0d94305fd04a6ac64446ec113bae289384"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b647d2574e4583c2e3b0ab35568f60c88e910840"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dc153401fb26c1640a2b279c47b65e1c416af276"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e2f3ea15e804607e0a4a34a2f6c331c8750b68bc"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68362.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68362"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6f7853f3cbe457067e9fe05461f56c7ea4ac488c"},{"fixed":"118e12bf3e4288cf845cd3759bd9d4c99f91aab5"},{"fixed":"6a96bd0d94305fd04a6ac64446ec113bae289384"},{"fixed":"e2f3ea15e804607e0a4a34a2f6c331c8750b68bc"},{"fixed":"dc153401fb26c1640a2b279c47b65e1c416af276"},{"fixed":"4758770a673c60d8f615809304d72e1432fa6355"},{"fixed":"638d4148e166d114a4cd7becaae992ce1a815ed8"},{"fixed":"5ebf0fe7eaef9f6173a4c6ea77c5353e21645d15"},{"fixed":"b647d2574e4583c2e3b0ab35568f60c88e910840"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68362.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.27"},{"fixed":"5.10.248"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.198"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.160"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.120"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.63"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.13"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.18.0"},{"fixed":"6.18.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68362.json"}}],"schema_version":"1.7.5"}