65 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fixed the issue of missing CAN header initialization. The read access to struct canxlframe::len within a j1939 object, which creates a skbuff, revealed that the reserved elements in struct canframe were...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: The issue in the j1939tptxdatnew function could lead to out-of-bounds memory access if the size of skb-cb is larger than the size of struct j1939skbuffcb. This occurs because the memcpy operation uses the size of skb-cb, causing ...
CVE-2025-71182
In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...
EUVD-2025-206593
In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...
CVE-2025-71182 can: j1939: make j1939_session_activate() fail if device is no longer registered
In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005008)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005008 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939netdevstart: fix UAF for rxkref of j1939priv It will trigger UAF for rxkref of...
AZL-78479 CVE-2026-22997 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22997
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22997
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22997
The CVE-2026-22997 issue affects the Linux kernel CAN/J1939 subsystem. The root cause is that j1939_session_deactivate_activate_next() is only invoked in j1939_tp_rxtimer() when the timer is enabled, allowing a refcount leak if the timer is cancelled without calling the function. This can lead to...
kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...
kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...
kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...
kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...
kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...
kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...
PT-2026-4659
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to CAN Controller Area Network functionality within the J1939 protocol. Specifically, the issue involves a reference count leak within the j1939...
SUSE CVE-2023-54039
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939tptxdatnew: fix out-of-bounds memory access In the j1939tptxdatnew function, an out-of-bounds memory access could occur during the memcpy operation if the size of skb-cb is larger than the size of struct...
EUVD-2023-60293
In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...
UBUNTU-CVE-2023-54152
In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...