CVE-2025-68255

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing<br /> <br /> The Supported Rates IE length from an incoming Association Request frame<br /> was used directly as the memcpy() length when copying into a fixed-size<br /> 16-byte stack buffer (supportRate). A malicious station can advertise an<br /> IE length larger than 16 bytes, causing a stack buffer overflow.<br /> <br /> Clamp ie_len to the buffer size before copying the Supported Rates IE,<br /> and correct the bounds check when merging Extended Supported Rates to<br /> prevent a second potential overflow.<br /> <br /> This prevents kernel stack corruption triggered by malformed association<br /> requests.