CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Cvelist•added 2026/02/04 4:8 p.m.•23 views

CVE-2026-23080 can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In mcbausbprobe - mcbausbstart, the URBs for USB-in transfe...

0.00018EPSS

Exploits0References7

Tenable Nessus•added 2025/12/31 12:0 a.m.•1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993060)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993060 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: properly check endpoint type Syzbot reported warning in usbsubmiturb which is cause...

5.5CVSS5.8AI score0.00009EPSS

Exploits0References4

Tenable Nessus•added 2025/12/11 12:0 a.m.•2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991168)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991168 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: properly check endpoint type Syzbot reported warning in usbsubmiturb which is cause...

5.5CVSS5.8AI score0.00009EPSS

Exploits0References4

SUSE CVE•added 2025/10/16 11:24 p.m.•2 views

SUSE CVE-2025-39985

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKE...

5.5CVSS7AI score0.00077EPSS

Exploits0References19

Microsoft CVE•added 2025/10/16 8:1 a.m.•5 views

can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow

...

9.8CVSS7AI score0.00077EPSS

Exploits0

EUVD•added 2025/10/15 9:31 p.m.•2 views

EUVD-2022-55074

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: properly check endpoint type Syzbot reported warning in usbsubmiturb which is caused by wrong endpoint type. We should check that in endpoint is actually present to prevent this warning. Found pipes are now saved to...

5.5CVSS5.3AI score0.00009EPSS

Exploits0References9

Cvelist•added 2025/10/15 7:56 a.m.•6 views

CVE-2025-39985 can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow

0.00077EPSS

Exploits0References8

NVD•added 2025/02/26 7:0 a.m.•9 views

CVE-2022-49151

5.5CVSS0.00009EPSS

Exploits0References8

OSV•added 2025/02/26 1:55 a.m.•10 views

CVE-2022-49151 can: mcba_usb: properly check endpoint type

5.5CVSS5.3AI score0.00009EPSS

Exploits0References11

CVE•added 2025/02/26 1:55 a.m.•89 views

CVE-2022-49151

CVE-2022-49151 is a Linux kernel vulnerability in the CAN/USB subsystem (can: mcba_usb) where usb_submit_urb() could warn due to an incorrect endpoint type. Syzbot reported a bogus urb transfer when the pipe’s type did not match the endpoint, prompting a code path change: pipes are now saved in m...

5.5CVSS5.3AI score0.00009EPSS

Exploits0References8Affected Software1

Cvelist•added 2025/02/26 1:55 a.m.•13 views

CVE-2022-49151 can: mcba_usb: properly check endpoint type

0.00009EPSS

Exploits0References8

RedhatCVE•added 2024/05/23 2:0 p.m.•25 views

CVE-2021-47231

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: fix memory leak in mcbausb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usbcoherent. In mcbausbstart 20 coherent buffers are allocated and there is...

5.1CVSS6.5AI score0.00008EPSS

Exploits0References4

NVD•added 2024/05/21 3:15 p.m.•12 views

CVE-2021-47231

5.5CVSS6.5AI score0.00008EPSS

Exploits0References6

OSV•added 2024/05/21 3:15 p.m.•1 views

UBUNTU-CVE-2021-47231

5.5CVSS6.2AI score0.00008EPSS

Exploits0References9

Debian CVE•added 2024/05/21 2:19 p.m.•15 views

CVE-2021-47231

5.5CVSS6.7AI score0.00008EPSS

Exploits0

Oracle linux•added 2023/02/14 12:0 a.m.•56 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.316.7 - runtime revert of virtionet: Stripe queue affinities across cores. Konrad Rzeszutek Wilk Orabug: 35001045 5.4.17-2136.316.6 - block: Change the granularity of io ticks from ms to ns Gulam Mohamed Orabug: 34780807 - powercap: intelrapl: support new layout of Psys PowerLimit...

8.8CVSS9.6AI score0.00421EPSS

Exploits0

OSV•added 2022/04/24 10:44 p.m.•4 views

GSD-2022-1002415 can: mcba_usb: properly check endpoint type

can: mcbausb: properly check endpoint type This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.276 by commit...

7.2AI score

Exploits0

OSV•added 2022/04/24 10:34 p.m.•6 views

GSD-2022-1002327 can: mcba_usb: properly check endpoint type

7.2AI score

Exploits0

OSV•added 2022/04/24 10:21 p.m.•6 views

GSD-2022-1002206 can: mcba_usb: properly check endpoint type

7.2AI score

Exploits0

OSV•added 2022/04/24 10:4 p.m.•7 views

GSD-2022-1002027 can: mcba_usb: properly check endpoint type