19 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fixed a memory leak. The gsusb driver appears to have a problem common to many USB CAN adapter drivers. It performs usballoccoherent to allocate a number of USB Request Blocks URBs for reception, and...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the header. The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostfram...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect, and then the struct...
CVE-2026-23082
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error In commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak", the URB was re-anchored before usbsubmiturb in gsusbreceivebulkcallback ...
CVE-2026-23031
CVE-2026-23031 affects the Linux kernel's gs_usb path. The issue is a memory leak where USB Request Blocks (URBs) completed by gs_usb_receive_bulk_callback() were not reliably released because the USB framework unanchors the URB before completion, bypassing gs_can_close()’s cleanup. The fix ancho...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001609)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001609 advisory. drivers/net/can/usb/gsusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to cau...
CVE-2025-68343
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...
SUSE CVE-2025-68307
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
CVE-2025-68307
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
CVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...
CVE-2025-68307
CVE-2025-68307 – Linux kernel can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs. Root cause: missing cleanup of failed URB transfers, decreasing available URBs per error by 1, which can degrade performance and may halt transmission. Affected: linux kernel driver can: gs...
PT-2025-51711
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The CAN driver within the Linux kernel contains an issue in the gs usb xmit callback function related to the handling of failed transmitted URBs. The driver does not properly clean up...
Linux Distros Unpatched Vulnerability : CVE-2023-53523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls...
EUVD-2025-31889
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-49661
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fix memory leak The gsusb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usballoccoherent to allocate a number of USB request blocks URBs for RX, and...
CVE-2022-49661
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fix memory leak The gsusb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usballoccoherent to allocate a number of USB request blocks URBs for RX, and...
UBUNTU-CVE-2022-49661
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fix memory leak The gsusb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usballoccoherent to allocate a number of USB request blocks URBs for RX, and...
The vulnerability of the Linux operating system, which allows a perpetrator to trigger a service failure or cause other effects
The vulnerability in the driver drivers/net/can/usb/gsusb.c of the Linux operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a local attacker to improperly interact with the CONFIGVMAPSTACK parameter, resulting in a...
Linux kernel denial of service vulnerability (CNVD-2017-05875)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the drivers/net/can/usb/gsusb.c file in Linux kernel versions 4.10.x prior to 4.10.12 and in 4.9.x versions. A local attacker could...