Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: The can: hi311x module has corrected the ndochangemtu function to prevent buffer overflows. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013792)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013792 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...

CVE-2026-23155 can: gs_usb: gs_usb_receive_bulk_callback(): fix error message

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix error message Sinc commit 79a6d1bfe114 "can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error" a failing resubmit URB will print an info message. In the case of a short...

CVE-2026-23031

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix URB memory leak In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor and submitted. In the complete callback gsusbreceivebulkcallback, the URB...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003655 advisory. A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004351 advisory. In the Linux kernel before 5.4.16, a race condition in tty-discdata handling in the slip and slcan line discipline could lead to a use-after-free, aka...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004401 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000344)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000344 advisory. A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory...

CVE-2025-40107

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

UBUNTU-CVE-2025-39988

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414429)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414429 advisory. usb8devstartxmit in drivers/net/can/usb/usb8dev.c in the Linux kernel through 5.17.1 has a double free. Tenable has extracted the preceding description block directl...

kernel: can: peak_usb: fix use after free bugs

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the peakusbnetifrxni. Reordering the lines solves the...

kernel: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds

In the Linux kernel, the following vulnerability has been resolved: can: dev: canputechoskb: don't crash kernel if canpriv::echoskb is accessed out of bounds If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message a...

CVE-2024-56651 can: hi311x: hi3110_can_ist(): fix potential use-after-free

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110canist: fix potential use-after-free The commit a22bd630cfff "can: hi311x: do not report txerr and rxerr during bus-off" removed the reporting of rxerr and txerr even in case of correct operation i. e. not...

UBUNTU-CVE-2022-49024

In the Linux kernel, the following vulnerability has been resolved: can: mcan: pci: add missing mcanclassfreedev in probe/remove methods In mcanpciremove and error handling path of mcanpciprobe, mcanclassfreedev should be called to free resource allocated by mcanclassallocatedev, otherwise there...

DEBIAN-CVE-2021-47520

In the Linux kernel, the following vulnerability has been resolved: can: pchcan: pchcanrxnormal: fix use after free After calling netifreceiveskbskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is dereferenced just after the call netifreceiveskbskb. Reorderin...

SUSE CVE-2023-52878

In the Linux kernel, the following vulnerability has been resolved: can: dev: canputechoskb: don't crash kernel if canpriv::echoskb is accessed out of bounds If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message a...

kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c

A double-free flaw was found in the Linux kernel's USB2CAN interface implementation. This issue could allow a local user to crash the system...

ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.

...

AZL-9293 CVE-2022-28388 affecting package kernel for versions less than 5.15.37.1-2

usb8devstartxmit in drivers/net/can/usb/usb8dev.c in the Linux kernel through 5.17.1 has a double free...