CVE-2026-23082 can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error In commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak", the URB was re-anchored before usbsubmiturb in gsusbreceivebulkcallback ...

EUVD-2025-25536

Malicious code in bioql PyPI...

CVE-2025-38004

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime updates The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the...

CVE-2025-38004 can: bcm: add locking for bcm_op runtime updates

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime updates The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the...

Vulnerability of the mcp251x_stop() function in the drivers/net/can/spi/mcp251x.c module – This driver supports network devices of the Linux kernel, which can be exploited by attackers to cause service failures.

Vulnerability of the mcp251xstop function in the drivers/net/can/spi/mcp251x.c module – The Linux kernel’s CAN network device driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

Vulnerability of the m_can_read_fifo() function in the drivers/net/can/m_can/m_can.c module – The CAN device driver support in the Linux operating system’s kernel allows a hacker to cause service failure.

Vulnerability of the mcanreadfifo function in the drivers/net/can/mcan/mcan.c module – The Linux kernel’s CAN device driver has a vulnerability related to improper memory release before deleting the last pointer „memory leak“. Exploiting this vulnerability could allow an attacker to cause service...

kernel: NULL pointer dereference in can_rcv_filter

A NULL pointer dereference issue was found in the can protocol in net/can/afcan.c in the Linux kernel, where mlpriv may not be initialized in the receive path of CAN frames. This flaw allows a local user to crash the system or cause a denial of service...

CVE-2010-2959

Integer overflow in net/can/bcm.c in the Controller Area Network CAN implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service system crash via...