9 matches found
kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()
A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...
kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()
A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...
kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()
A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...
kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()
A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...
CVE-2026-31532
In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro-uniq use-after-free in rawrcv rawrelease unregisters raw CAN receive filters via canrxunregister, but receiver deletion is deferred with callrcu. This leaves a window where rawrcv may still be running in an RCU...
CVE-2026-31532
In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro-uniq use-after-free in rawrcv rawrelease unregisters raw CAN receive filters via canrxunregister, but receiver deletion is deferred with callrcu. This leaves a window where rawrcv may still be running in an RCU...
PT-2026-34658
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the SocketCAN subsystem of the Linux kernel. The raw release function unregisters raw CAN receive filters through can rx unregister, but the deletion of the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988813)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988813 advisory. In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrxregister It causes NULL pointer dereference when...
kernel: missing check in can/bcm and can/raw socket releases
The rawrelease function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted release operation...