CVE-2026-43176 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 ("wifi: rtw89: pci: validate sequence number of TX release report") does validation on existing chips, which somehow a release report of SKB becomes malformed. As no clear cause found, add rules ahead for RTL8922DE to avoid crash if it happens.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3e8a88b5e8b3506d9c5e031a65ba65ce9a0683a3
https://git.kernel.org/stable/c/5f93d611b33a05bd03d6843c8efe8cb6a1992620
https://git.kernel.org/stable/c/ebeaa3b24ba568ff8505165f954dba15cc53e4b3

History

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 ("wifi: rtw89: pci: validate sequence number of TX release report") does validation on existing chips, which somehow a release report of SKB becomes malformed. As no clear cause found, add rules ahead for RTL8922DE to avoid crash if it happens.
Title		wifi: rtw89: pci: validate release report content before using for RTL8922DE
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/3e8a88b5e8b3506d9c5e031a65ba65ce9a0683a3 https://git.kernel.org/stable/c/5f93d611b33a05bd03d6843c8efe8cb6a1992620 https://git.kernel.org/stable/c/ebeaa3b24ba568ff8505165f954dba15cc53e4b3

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:27:50.150Z

Updated: 2026-05-06T11:27:50.150Z

Reserved: 2026-05-01T14:12:55.991Z

Link: CVE-2026-43176

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:36.083

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43176

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-43176", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-01T14:12:55.991Z", "datePublished": "2026-05-06T11:27:50.150Z", "dateUpdated": "2026-05-06T11:27:50.150Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-06T11:27:50.150Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: pci: validate release report content before using for RTL8922DE\n\nThe commit 957eda596c76\n(\"wifi: rtw89: pci: validate sequence number of TX release report\")\ndoes validation on existing chips, which somehow a release report of SKB\nbecomes malformed. As no clear cause found, add rules ahead for RTL8922DE\nto avoid crash if it happens."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/realtek/rtw89/pci.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ebeaa3b24ba568ff8505165f954dba15cc53e4b3", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "3e8a88b5e8b3506d9c5e031a65ba65ce9a0683a3", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "5f93d611b33a05bd03d6843c8efe8cb6a1992620", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/realtek/rtw89/pci.c"], "versions": [{"version": "6.18.16", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.6", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.18.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.19.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/ebeaa3b24ba568ff8505165f954dba15cc53e4b3"}, {"url": "https://git.kernel.org/stable/c/3e8a88b5e8b3506d9c5e031a65ba65ce9a0683a3"}, {"url": "https://git.kernel.org/stable/c/5f93d611b33a05bd03d6843c8efe8cb6a1992620"}], "title": "wifi: rtw89: pci: validate release report content before using for RTL8922DE", "x_generator": {"engine": "bippy-1.2.0"}}}}