CVE-2026-23080 can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In mcbausbprobe - mcbausbstart, the URBs for USB-in transfe...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001693 advisory. mcbausbstartxmit in drivers/net/can/usb/mcbausb.c in the Linux kernel through 5.17.1 has a double free. Tenable has extracted the preceding description block directl...

Vulnerability of the mcba_usb_start() function in the drivers/net/can/usb/mcba_usb.c module – The Linux kernel’s CAN network device support driver allows a hacker to cause a service failure.

Vulnerability of the mcbausbstart function in the drivers/net/can/usb/mcbausb.c module – The Linux kernel’s CAN network device driver has vulnerabilities related to security configuration errors. Exploiting this vulnerability could allow an attacker to cause service failures...

SUSE CVE-2022-28390

emsusbstartxmit in drivers/net/can/usb/emsusb.c in the Linux kernel through 5.17.1 has a double free...

Double Free

Linux kernel is vulnerable to double free. The vulnerability exists in usb8devstartxmit in drivers/net/can/usb/usb8dev.c because is no need to call devkfreeskb when usbsubmiturb fails because canputechoskb deletes original skb and canfreeechoskb deletes the cloned skb causing a double free...

Ubuntu 16.04 ESM : Linux kernel (Azure) vulnerabilities (USN-5541-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5541-1 advisory. Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some...

Double Free

linux is vulnerable to double free. The vulnerability exists due to a memory corruption in the mcbausbstartxmit in drivers/net/can/usb/mcbausb.c which allow an attacker to cause an application crash...

USN-5468-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5468-1 linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-intel-5.13, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5416-1: Linux kernel (OEM) vulnerabilities

Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. CVE-2022-1158 It was discovered that the implementation ...

USN-5416-1 linux-oem-5.14 vulnerabilities

Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. CVE-2022-1158 It was discovered that the implementation ...

USN-5413-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that a race condition existed in the network...

AZL-9295 CVE-2022-28390 affecting package kernel for versions less than 5.15.37.1-2

emsusbstartxmit in drivers/net/can/usb/emsusb.c in the Linux kernel through 5.17.1 has a double free...

AZL-9294 CVE-2022-28389 affecting package kernel for versions less than 5.15.37.1-2

mcbausbstartxmit in drivers/net/can/usb/mcbausb.c in the Linux kernel through 5.17.1 has a double free...

CVE-2022-28388

CVE-2022-28388 affects the Linux kernel driver usb_8dev_start_xmit (drivers/net/can/usb/usb_8dev.c). The vulnerability is a double free in the function usb_8dev_start_xmit, present up to kernel versions including 5.17.1. Documents reference a commit addressing the issue and mention downstream adv...

CVE-2022-28390

emsusbstartxmit in drivers/net/can/usb/emsusb.c in the Linux kernel through 5.17.1 has a double free...

USN-4485-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915gemexecbuffer2ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2018-20669 It was discovered that the...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4485-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4485-1 advisory. Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4427-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4427-1 advisory. It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4285-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4285-1 advisory. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacke...