CVE-2026-43176

Published: May 6, 2026

Modified: May 11, 2026

PUBLISHED

CVSS v3.1

8.8

HIGH

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 ("wifi: rtw89: pci: validate sequence number of TX release report") does validation on existing chips, which somehow a release report of SKB becomes malformed. As no clear cause found, add rules ahead for RTL8922DE to avoid crash if it happens.

Vendor	Product	Versions
Linux	Linux	affected `110f3c11f440d78ef8a181f75456e24e428f69e4 - < ebeaa3b24ba568ff8505165f954dba15cc53e4b3` affected `110f3c11f440d78ef8a181f75456e24e428f69e4 - < 3e8a88b5e8b3506d9c5e031a65ba65ce9a0683a3` affected `110f3c11f440d78ef8a181f75456e24e428f69e4 - < 5f93d611b33a05bd03d6843c8efe8cb6a1992620`
Linux	Linux	affected `6.18` unaffected `0 - < 6.18` unaffected `6.18.16 - <= 6.18.` unaffected `6.19.6 - <= 6.19.` unaffected `7.0 - <= *`

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://git.kernel.org/stable/c/ebeaa3b24ba568ff8505165f954dba15cc53e4b3

https://git.kernel.org/stable/c/3e8a88b5e8b3506d9c5e031a65ba65ce9a0683a3

https://git.kernel.org/stable/c/5f93d611b33a05bd03d6843c8efe8cb6a1992620

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-43176

Description

Affected Products

CVSS v3.1 Details

References