7 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: mcan: pci: added the missing mcanclassfreedev function in probe/remove methods. In mcanpciremove and the error handling path of mcanpciprobe, mcanclassfreedev should be called to release resources allocated by...
CVE-2026-23298 can: ucan: Fix infinite loop from zero-length messages
In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucanreadbulkcallback, hanging the system. If the lengt...
ROS-20260112-7353
A vulnerability in the mcp251xfdopen function of the drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c module of the Linux kernel is related to the execution of a loop with an unreachable exit condition "Infinite loop". Exploitation of the vulnerability could allow an attacker to cause a denial of...
CVE-2025-68343
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...
UBUNTU-CVE-2023-53344
In the Linux kernel, the following vulnerability has been resolved: can: bcm: bcmtxsetup: fix KMSAN uninit-value in vfswrite Syzkaller reported the following issue: ===================================================== BUG: KMSAN: uninit-value in aiorwdone fs/aio.c:1520 inline BUG: KMSAN:...
SUSE CVE-2022-49275
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcantxhandler: fix use after free of skb canputechoskb will clone skb then free the skb. Move the canputechoskb for the mcan version 3.0.x directly before the start of the xmit in hardware, similar to the 3.1.x branch...
DEBIAN-CVE-2019-19529
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka CID-4d6636498c41...