2461466 – (CVE-2026-31626) CVE-2026-31626 kernel: staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()

Bug 2461466 (CVE-2026-31626) - CVE-2026-31626 kernel: staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()

Summary: CVE-2026-31626 kernel: staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_ver...

Keywords:
Status:	NEW
Alias:	CVE-2026-31626
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-04-24 15:03 UTC by OSIDB Bzimport
Modified:	2026-04-24 20:36 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-04-24 15:03:05 UTC

In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()

Initialize le_tmp64 to zero in rtw_BIP_verify() to prevent using
uninitialized data.

Smatch warns that only 6 bytes are copied to this 8-byte (u64)
variable, leaving the last two bytes uninitialized:

drivers/staging/rtl8723bs/core/rtw_security.c:1308 rtw_BIP_verify()
warn: not copying enough bytes for '&le_tmp64' (8 vs 6 bytes)

Initializing the variable at the start of the function fixes this
warning and ensures predictable behavior.

Comment 1 Keith Grant 2026-04-24 20:34:12 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2026042427-CVE-2026-31626-2085@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.