Description

In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing tx_frames wl1251_tx_packet_cb() uses the firmware completion ID directly to index the fixed 16-entry wl->tx_frames[] array. The ID is a raw u8 from the completion block, and the callback does not currently verify that it fits the array before dereferencing it. Reject completion IDs that fall outside wl->tx_frames[] and keep the existing NULL check in the same guard. This keeps the fix local to the trust boundary and avoids touching the rest of the completion flow.

INFO

Published Date :

2026-05-06T07:40:39.234Z

Last Modified :

2026-05-08T12:40:38.409Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-43113 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-43113.

URL Resource
https://git.kernel.org/stable/c/0fd56fad9c56356e7fa7a7c52e7ecbf807a44eb0 cve-icon cve-icon
https://git.kernel.org/stable/c/26ee518695c484f75e3606d631278e84bd24ae02 cve-icon cve-icon
https://git.kernel.org/stable/c/8d7465be5163a923ee5d7459719ef5a021c1584a cve-icon cve-icon
https://git.kernel.org/stable/c/b6ba1eacf276063ebeefbbae8056043c24f2efaf cve-icon cve-icon
https://git.kernel.org/stable/c/df15adc692a802636dd3f258fc7cca8bf7a0ed9a cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026050625-CVE-2026-43113-cc30@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-43113 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-43113 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact