37 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: can: mcbausb: fixed a memory leak in mcbausb Syzbot reported a memory leak in the SocketCAN driver for the Microchip CAN BUS Analyzer Tool. The problem occurred in unfreeing the usbcoherent object. In the mcbausbstart function...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: properly checking the endpoint type Syzbot reported a warning in usbsubmiturb, which is caused by an incorrect endpoint type. We should check that the endpoint actually exists to prevent this warning. The found pipe...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKE...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013792)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013792 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010853)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010853 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...
CVE-2026-23080
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In mcbausbprobe - mcbausbstart, the URBs for USB-in transfe...
EUVD-2026-5463
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In mcbausbprobe - mcbausbstart, the URBs for USB-in transfe...
CVE-2026-23080
Technical details for CVE-2026-23080 are not provided in the connected documents. The sources reference the CVE in advisories (e.g., USN entries) but do not include product/vendor/component/version, root cause, impact, or fix specifics. Monitor for updates.
Linux Distros Unpatched Vulnerability : CVE-2026-23080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: mcbausb: mcbausbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a can: gsusb: gsusbreceivebulkcallback: fix URB memor...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003989)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003989 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004401)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004401 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000206)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000206 advisory. In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcbausb.c driver, aka...
PT-2026-6150
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a memory leak can occur within the mcba usb read bulk callback function. This is due to the USB framework unanchoring URBs before the completion...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989587)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989587 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: properly check endpoint type Syzbot reported warning in usbsubmiturb which is cause...
Linux Distros Unpatched Vulnerability : CVE-2025-39985
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit...
CVE-2025-39985
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKE...
EUVD-2025-34587
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKE...
AZL-68474 CVE-2025-39985 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKE...
CVE-2025-39985
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKE...
UBUNTU-CVE-2025-39985
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKE...