In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes: void rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data) { ... SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data); SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1)); ... SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4)); Detected using the static analysis tool - Svace.

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes: void rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data) { ... SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data); SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1)); ... SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4)); Detected using the static analysis tool - Svace.

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes: void rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data) { ... SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data); SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1)); ... SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4)); Detected using the static analysis tool - Svace.

wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds

In the Linux kernel, the following vulnerability has been resolved: w ...

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes: void rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data) { ... SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data); SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1)); ... SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4)); Detected using the static analysis tool - Svace.

Уязвимость функции rtw_fw_bt_wifi_control() модуля drivers/net/wireless/realtek/rtw88/coex.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость kernel-lt

Moderate: kernel security update

ELSA-2025-13589: kernel security update (MODERATE)

Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)

Moderate: kernel security update

ELSA-2025-13598: kernel security update (MODERATE)

Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)

Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)

Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)

Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4)

Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7 RT)

Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7 RT)