50 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The can: hi311x module has corrected the ndochangemtu function to prevent buffer overflows. Sending a PFPACKET allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only check...
Astra Linux - уязвимость в linux, linux-5.10
The function emsusbstartxmit in the file drivers/net/can/usb/emsusb.c within the Linux kernel, up to version 5.17.1, contains a double-free...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013792)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013792 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011291)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011291 advisory. In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypa...
CVE-2026-23155 can: gs_usb: gs_usb_receive_bulk_callback(): fix error message
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix error message Sinc commit 79a6d1bfe114 "can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error" a failing resubmit URB will print an info message. In the case of a short...
CVE-2026-23031
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix URB memory leak In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor and submitted. In the complete callback gsusbreceivebulkcallback, the URB...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003807)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003807 advisory. A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003655)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003655 advisory. A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004351)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004351 advisory. In the Linux kernel before 5.4.16, a race condition in tty-discdata handling in the slip and slcan line discipline could lead to a use-after-free, aka...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003989)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003989 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004401)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004401 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000206)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000206 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000344)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000344 advisory. A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory...
CVE-2025-40107
In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...
Linux Distros Unpatched Vulnerability : CVE-2025-39987
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit...
SUSE CVE-2025-39986
In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...
CVE-2025-39986
In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...
EUVD-2025-34585
In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...
CVE-2025-39986
In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...
UBUNTU-CVE-2025-39987
In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...