50 matches found

Redos
added 2026/02/11 12:0 a.m., 6 views

ROS-20260211-73-0004

A vulnerability in the net/can/bcm.c component of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability may allow an attacker to gain access to confidential data, violate its integrity, and cause denial of service...

CVSS 5.5 | AI score 5.4 | EPSS 0.002
Exploits 0

Redos
added 2026/02/05 12:0 a.m., 4 views

ROS-20260205-73-0001

A vulnerability in the net/can/bcm.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data and also cause a denial of service...

CVSS 7.1 | AI score 7.2 | EPSS 0.00204
Exploits 0

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001493 advisory. net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are...

CVSS 5.5 | AI score 6.5 | EPSS 0.00472
Exploits 1 | References 4

Tenable Nessus
added 2025/08/10 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-32606

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. This does not...

CVSS 7.8 | AI score 6.6 | EPSS 0.00418
Exploits 0 | References 2

Tenable Nessus
added 2025/08/08 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-3609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash...

CVSS 7 | AI score 6.6 | EPSS 0.00431
Exploits 1 | References 2

BDU FSTEC
added 2025/01/13 12:0 a.m., 5 views

The vulnerability of the bcm_release() function in the net/can/bcm.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bcm_release function in the net/can/bcm.c module of the Linux kernel is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CVSS 7.8 | AI score 6.5 | EPSS 0.00286
Exploits 0 | References 25 | Affected Software 6

RedhatCVE
added 2024/07/31 9:17 a.m., 12 views

CVE-2024-42076

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939_send_one. syzbot reported kernel-infoleak in raw_recvmsg [1]. j1939_send_one creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...

CVSS 5.5 | AI score 6.8 | EPSS 0.00225
Exploits 0 | References 4

Cvelist
added 2024/07/29 3:52 p.m., 23 views

CVE-2024-42076 net: can: j1939: Initialize unused data in j1939_send_one()

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939_send_one. syzbot reported kernel-infoleak in raw_recvmsg [1]. j1939_send_one creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...

EPSS 0.00225
Exploits 0 | References 7

RedHat Linux
added 2024/03/12 12:48 a.m., 3 views

kernel: NULL pointer dereference in can_rcv_filter

A NULL pointer dereference issue was found in the can protocol in net/can/af_can.c in the Linux kernel, where ml_priv may not be initialized in the receive path of CAN frames. This flaw allows a local user to crash the system or cause a denial of service...

CVSS 5.5 | AI score 7.1 | EPSS 0.002
Exploits 0 | References 5

CNVD
added 2023/04/23 12:0 a.m., 31 views

Linux Kernel af_can.c Denial of Service Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux Kernel that stems from a null pointer dereference issue found in the CAN protocol in net/can/af_can.c. ml_priv may not be...

CVSS 5.5 | AI score 6.4 | EPSS 0.002
Exploits 0 | References 1

Cvelist
added 2023/04/19 12:0 a.m., 27 views

CVE-2023-2166

A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service...

AI score 6.2 | EPSS 0.002
Exploits 0 | References 1

F5 Networks
added 2023/02/21 7:41 p.m., 44 views

K17957133: Linux kernel vulnerability CVE-2019-3701

Security Advisory Description An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. Because of a missing check, the CAN drivers may write arbitrary...

CVSS 4.9 | AI score 6.3 | EPSS 0.00698
Exploits 1

Tenable Nessus
added 2022/11/15 12:0 a.m., 36 views

NewStart CGSL MAIN 6.02 : kernel Vulnerability (NS-SA-2022-0099)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by a vulnerability: - In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824...

CVSS 4.7 | AI score 6.5 | EPSS 0.00321
Exploits 0 | References 3

Veracode
added 2022/08/04 3:9 a.m., 36 views

Double Free

Linux kernel is vulnerable to double free. The vulnerability exists in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c: there is no need to call dev_kfree_skb when usb_submit_urb fails, because can_put_echo_skb deletes the original skb and can_free_echo_skb deletes the cloned skb, causing a double free...

CVSS 5.5 | AI score 6.1 | EPSS 0.00395
Exploits 0 | References 11 | Affected Software 4

Tenable Nessus
added 2022/07/29 12:0 a.m., 61 views

Ubuntu 16.04 ESM : Linux kernel (Azure) vulnerabilities (USN-5541-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5541-1 advisory. Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some...

CVSS 7.8 | AI score 7.1 | EPSS 0.0155
Exploits 3 | References 12

Veracode
added 2022/06/16 5:10 p.m., 49 views

Double Free

Linux is vulnerable to double free. The vulnerability exists due to a memory corruption in mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c, which allows an attacker to cause an application crash...

CVSS 5.5 | AI score 6.6 | EPSS 0.00317
Exploits 0 | References 11 | Affected Software 2

CVE
added 2022/04/03 8:7 p.m., 384 views

CVE-2022-28388

CVE-2022-28388 affects the Linux kernel driver usb_8dev_start_xmit (drivers/net/can/usb/usb_8dev.c). The vulnerability is a double free in the function usb_8dev_start_xmit, present up to kernel versions including 5.17.1. Documents reference a commit addressing the issue and mention downstream adv...

CVSS 5.5 | AI score 6.3 | EPSS 0.00395
Exploits 0 | References 7 | Affected Software 1

Debian CVE
added 2022/04/03 8:7 p.m., 236 views

CVE-2022-28390

ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free...

CVSS 7.8 | AI score 5.8 | EPSS 0.00353
Exploits 0

OpenVAS
added 2022/01/28 12:0 a.m., 28 views

Mageia: Security Advisory (MGASA-2021-0366)

The remote host is missing an update for the...

CVSS 7.8 | AI score 7.2 | EPSS 0.09808
Exploits 7 | References 9

OpenVAS
added 2022/01/28 12:0 a.m., 28 views

Mageia: Security Advisory (MGASA-2020-0183)

The remote host is missing an update for the...

CVSS 7.8 | AI score 7.1 | EPSS 0.034
Exploits 1 | References 10