Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcantxhandler: fixed the issue where skb was freed after it had been used. The canPUTechoskb function clones a skb and then frees it. This function should be moved directly before the start of the xmit in hardware for...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: kvaserpciefd: refined error-prone handling of echoskbmax The value of echoskbmax should define the supported upper limit for echoskb, which is allocated within the private space of the netdevice. The corresponding size value...

PT-2025-51711

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The CAN driver within the Linux kernel contains an issue in the gs usb xmit callback function related to the handling of failed transmitted URBs. The driver does not properly clean up...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989174 advisory. In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls...

CVE-2025-39873

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

DEBIAN-CVE-2025-38224

In the Linux kernel, the following vulnerability has been resolved: can: kvaserpciefd: refine error prone echoskbmax handling logic echoskbmax should define the supported upper limit of echoskb allocated inside the netdevice's priv. The corresponding size value provided by this driver to...

UBUNTU-CVE-2025-38224

In the Linux kernel, the following vulnerability has been resolved: can: kvaserpciefd: refine error prone echoskbmax handling logic echoskbmax should define the supported upper limit of echoskb allocated inside the netdevice's priv. The corresponding size value provided by this driver to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper echoskbmax handling logic in the kvaserpciefd driver, which could lead to out-of-bounds access to...

PT-2025-27999

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0 Description: A vulnerability in the Linux kernel has been resolved, related to the kvaser pciefd driver. The issue involves the echo skb max handling logic, which defines the supported upper limit of echo...

OESA-2025-1465 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls cangetechoskb during a hardware IRQ which is often, but not always, the...

kernel: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds

In the Linux kernel, the following vulnerability has been resolved: can: dev: canputechoskb: don't crash kernel if canpriv::echoskb is accessed out of bounds If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message a...

SUSE CVE-2023-52878

In the Linux kernel, the following vulnerability has been resolved: can: dev: canputechoskb: don't crash kernel if canpriv::echoskb is accessed out of bounds If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message a...