CVE-2026-43387
Published May 8, 2026
Modified May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser"), we don't trust the data in the frame so we should check the length better before acting on it
Is your site exposed to CVE-2026-43387?
Run a free security scan — no signup, results in seconds.
EPSS — Exploit Prediction
0.0001
Probability of exploitation
0.02%
Percentile rank
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
References
Other References
https://git.kernel.org/stable/c/35969c3a208a07cb8642301df5869c34e2db7071
https://git.kernel.org/stable/c/6d62fa548387e159a21ea95132c09bfc96d336ed
https://git.kernel.org/stable/c/740bca8bbdb707c0e4bb11e3316deb2f04fc7ce1
https://git.kernel.org/stable/c/8097a48c606a9306281ea7bd73bf2afc97553733
https://git.kernel.org/stable/c/821f7d759fb2de33c5e5b0c4981181c4d0c3e9b1
https://git.kernel.org/stable/c/9a4cd4c37593cc8b8d28f9a6732b490a8032006a
https://git.kernel.org/stable/c/ac38856092b4c994f94343251b30520bdeb7f475
https://git.kernel.org/stable/c/f0109b9d3e1e455429279d602f6276e34689750a
Frequently Asked Questions
What is CVE-2026-43387? +
In the Linux kernel, the following vulnerability has been resolved:
staging: rtl8723bs: properly validate the data in rtw_get_ie_ex()
Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-of-bounds
read in rtw_get_ie() parser"), we don't trust the data in the frame so
we should check the length better before acting on it
How do I check if I'm vulnerable to CVE-2026-43387? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.