ROS-20260114-7305

A vulnerability in the irqreturnt hi3110canist function of the drivers/net/can/spi/hi311x.c module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

CVE-2025-40107

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

SUSE CVE-2025-40107

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

Linux Distros Unpatched Vulnerability : CVE-2025-40107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver...

EUVD-2025-37481

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

CVE-2025-40107

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

AZL-69586 CVE-2025-40107 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

CVE-2025-40107

Technical details about CVE-2025-40107 are not publicly provided in the supplied documents. No affected products, root cause, or fixes are specified here. Monitor for official advisories for confirmation and remediation guidance.

CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly initialize a work queue in the hi311x driver, which could lead to null pointer...

CVE-2025-39987

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...

can: hi311x: populate ndo_change_mtu() to prevent buffer overflow

...

CVE-2025-39987

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...

CVE-2025-39987 can: hi311x: populate ndo_change_mtu() to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...

PT-2025-42262

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's CAN Controller Area Network subsystem, specifically within the hi311x driver. Sending a PF PACKET can bypass the CAN framework's logic and directly...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hi311x driver's failure to implement the ndochangemtu function, which could lead to a buffer overflow...

PT-2025-44760

Name of the Vulnerable Software and Affected Versions Linux Kernel hi311x CAN driver affected versions not specified Description The Linux kernel’s hi311x CAN driver contains a flaw where a null pointer dereference can occur when resuming from sleep if the network interface was not previously...

SUSE CVE-2024-56651

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110canist: fix potential use-after-free The commit a22bd630cfff "can: hi311x: do not report txerr and rxerr during bus-off" removed the reporting of rxerr and txerr even in case of correct operation i. e. not...

CVE-2024-56651

CVE-2024-56651 affects the Linux kernel hi311x CAN driver (hi3110_can_ist). The issue is a potential use-after-free: error count data added to the CAN frame after netif_rx() could reference a skb that is freed or reused. Root cause: reporting of rxerr/txerr persisted during non-bus-off operation,...