CVE-2025-71229
- Source
- https://cve.org/CVERecord?id=CVE-2025-71229
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71229.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-71229
- Downstream
- Published
- 2026-02-18T14:53:13.412Z
- Modified
- 2026-02-23T21:20:49.381758Z
- Summary
- wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw88: Fix alignment fault in rtwcoreenable_beacon()
rtwcoreenable_beacon() reads 4 bytes from an address that is not a multiple of 4. This results in a crash on some systems.
Do 1 byte reads/writes instead.
Unable to handle kernel paging request at virtual address ffff8000827e0522 Mem abort info: ESR = 0x0000000096000021 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x21: alignment fault Data abort info: ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000005492000 [ffff8000827e0522] pgd=0000000000000000, p4d=10000001021d9403, pud=10000001021da403, pmd=100000011061c403, pte=00780000f3200f13 Internal error: Oops: 0000000096000021 [#1] SMP Modules linked in: [...] rtw888822ce rtw888822c rtw88pci rtw88core [...] CPU: 0 UID: 0 PID: 73 Comm: kworker/u32:2 Tainted: G W 6.17.9 #1-NixOS VOLUNTARY Tainted: [W]=WARN Hardware name: FriendlyElec NanoPC-T6 LTS (DT) Workqueue: phy0 rtwc2hwork [rtw88core] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : rtwpciread32+0x18/0x40 [rtw88pci] lr : rtwcoreenablebeacon+0xe0/0x148 [rtw88core] sp : ffff800080cc3ca0 x29: ffff800080cc3ca0 x28: ffff0001031fc240 x27: ffff000102100828 x26: ffffd2cb7c9b4088 x25: ffff0001031fc2c0 x24: ffff000112fdef00 x23: ffff000112fdef18 x22: ffff000111c29970 x21: 0000000000000001 x20: 0000000000000001 x19: ffff000111c22040 x18: 0000000000000000 x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : ffffd2cb6507c090 x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 0000000000007f10 x1 : 0000000000000522 x0 : ffff8000827e0522 Call trace: rtwpciread32+0x18/0x40 [rtw88pci] (P) rtwhwscanchanswitch+0x124/0x1a8 [rtw88core] rtwfwc2hcmdhandle+0x254/0x290 [rtw88core] rtwc2hwork+0x50/0x98 [rtw88core] processonework+0x178/0x3f8 workerthread+0x208/0x418 kthread+0x120/0x220 retfrom_fork+0x10/0x20 Code: d28fe202 8b020000 f9524400 8b214000 (b9400000) ---[ end trace 0000000000000000 ]---
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71229.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0177aa828d966117ea30a44f2e1890fdb356118e
- https://git.kernel.org/stable/c/13394550441557115bb74f6de9778c165755a7ab
- https://git.kernel.org/stable/c/653f8b6a091538b084715f259900f62c2ec1c6cf
- https://git.kernel.org/stable/c/71dee092903adb496fe1f357b267d94087b679e0
- https://git.kernel.org/stable/c/7d31dde1bd8678115329e46dc8d7afb63c176b74
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71229.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-71229
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedad6741b1e0449ba8f4eb41dc28e269dc20ab9219Fixed71dee092903adb496fe1f357b267d94087b679e0Fixed7d31dde1bd8678115329e46dc8d7afb63c176b74Fixed13394550441557115bb74f6de9778c165755a7abFixed653f8b6a091538b084715f259900f62c2ec1c6cfFixed0177aa828d966117ea30a44f2e1890fdb356118e