2 matches found
UBUNTU-CVE-2025-68343
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...
CVE-2025-68343
CVE-2025-68343 in the Linux kernel affects the can: gs_usb driver (gs_usb_receive_bulk_callback). The vulnerability arises from not validating the actual_length before accessing the gs_host_frame header, risking dereference of an incomplete header. The fix uses struct_group to describe the header...