21 matches found
cannelloni 安全漏洞
cannelloni is an Ethernet-based socketCAN tunneling tool from the individual developer Maximilian Güntner. A security vulnerability exists in cannelloni version v2.0.0, which stems from a buffer overflow in the parseCANFrame function in parser.cpp and in the decodeFrame function in decoder.cpp wh...
CVE-2026-32707
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, tattucan contains an unbounded memcpy in its multi-frame assembly loop, allowing stack memory overwrite when crafted CAN frames are processed. In deployments where tattucan is enabled and running, a CAN-injection-capable...
CVE-2026-32707 PX4 autopilot has a stack buffer overflow in tattu_can due to unbounded memcpy in frame assembly loop
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, tattucan contains an unbounded memcpy in its multi-frame assembly loop, allowing stack memory overwrite when crafted CAN frames are processed. In deployments where tattucan is enabled and running, a CAN-injection-capable...
CVE-2025-39986
CVE-2025-39986 affects the Linux kernel sun4i_can CAN driver. Root cause: sun4i_can did not populate net_device_ops->ndo_change_mtu(), allowing an attacker to set an invalid MTU (e.g., 9999) via ip link and then use PF_PACKET with ETH_P_CANXL to inject frames. The PF_PACKET path only checks sk...
Linux Distros Unpatched Vulnerability : CVE-2023-53523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls...
EUVD-2025-31889
Malicious code in bioql PyPI...
EUVD-2025-17384
Malicious code in bioql PyPI...
SUSE CVE-2023-53523
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect and then the struct...
CVE-2023-53523 can: gs_usb: fix time stamp counter initialization
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect and then the struct...
CVE-2025-37993
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...
DEBIAN-CVE-2025-37993
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...
CVE-2025-37993 can: m_can: m_can_class_allocate_dev(): initialize spin lock on device probe
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...
PT-2025-23152 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc3 Description: A vulnerability in the Linux kernel has been resolved, related to the initialization of a spin lock in the m can classdev struct. The issue occurs when trying to send CAN frames, resultin...
CVE-2022-49659
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...
kernel: NULL pointer dereference in can_rcv_filter
A NULL pointer dereference issue was found in the can protocol in net/can/afcan.c in the Linux kernel, where mlpriv may not be initialized in the receive path of CAN frames. This flaw allows a local user to crash the system or cause a denial of service...
RHEL 8 : kernel-rt (RHSA-2024:0881)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0881 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
PT-2025-8592 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the m can core. The issue involves the handling of timestamps for received CAN frames. The m can core uses 16-bit wide...
UBUNTU-CVE-2023-2166
A null pointer dereference issue was found in can protocol in net/can/afcan.c in the Linux before Linux. mlpriv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service...
Kia Motors Head Unit Access Control Error Vulnerability
Kia Motors Head Unit is the main unit of a car from the Korean company Kia Kia. The unit is used in the vehicle-machine interaction process. The Kia Motors Head Unit suffers from an Access Control Error vulnerability that can be exploited by an attacker to inject unauthorized commands to trigger...
CAN bus analysis tool: Kayak
CAN bus analysis tool Kayak is a application for CAN bus diagnosis and monitoring. Its main goals are a simple interface and platform independence. Kayak is implemented in pure Java and has no platform specific dependencies. It includes a complete CAN bus abstraction model that can be included in...