Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003831)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003831 advisory. In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusbfd.c driver, aka...

MiracleLinux 8 : kernel-4.18.0-553.69.1.el8_10 (AXSA:2025-10764:56)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10764:56 advisory. kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: ipv6: mcast: extend RCU protection in igmp6send CVE-2025-21759 kernel: can: peakusb...

can: peak_usb: fix shift-out-of-bounds issue

...

AZL-68808 CVE-2025-40020 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN FD interfaces supported by this driver. mkl: update subject, apply...

EUVD-2025-35839

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN FD interfaces supported by this driver. mkl: update subject, apply...

EUVD-2019-9153

Malware in sbrugna...

kernel: can: peak_usb: fix use after free bugs

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the peakusbnetifrxni. Reordering the lines solves the...

CVE-2021-47670

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the peakusbnetifrxni. Reordering the lines solves the...

CVE-2021-47670 can: peak_usb: fix use after free bugs

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the peakusbnetifrxni. Reordering the lines solves the...

CVE-2021-47670 can: peak_usb: fix use after free bugs

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the peakusbnetifrxni. Reordering the lines solves the...

CVE-2021-47670

CVE-2021-47670 (can: peak_usb) is a use-after-free in the Linux kernel can subsystem. After peak_usb_netif_rx_ni(skb) is called, the skb may be dereferenced, and the can_frame cf that aliases skb memory can access memory that has been freed. The issue is resolved by reordering code lines to preve...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5753)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5753 advisory. - media: ttusb-dec: Fix info-leak in ttusbdecsendcommand Tomas Bortoli Orabug: 31351121 CVE-2019-19533 - can: peakusb: fix slab info leak Johan...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0028)

The remote OracleVM system is missing necessary patches to address critical security updates : - ipv4: ipv4defaultadvmss should use route mtu Eric Dumazet Orabug: 31563095 - net: ipv4: Refine the ipv4defaultadvmss Gao Feng Orabug: 31563095 - Revert 'bnxten: Remove busy poll logic in the driver.'...

UBUNTU-CVE-2019-19535

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusbfd.c driver, aka CID-30a8beeb3042...

CVE-2019-19534

Summary: CVE-2019-19534 affects the Linux kernel before 5.3.11, enabling a local info-leak via the Peak USB CAN driver (drivers/net/can/usb/peak_usb/pcan_usb_core.c) when a malicious USB device is connected. The root cause is missing initialization of certain structures in the peak_usb CAN driver...

CVE-2019-19535

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusbfd.c driver, aka CID-30a8beeb3042...

CVE-2019-19536

CVE-2019-19536 is an info-leak vulnerability in the Linux kernel (<5.2.9) caused by a faulty handling of a malicious USB device in drivers/net/can/usb/peak_usb/pcan_usb_pro.c (CID-ead16e53c2f0). Some public advisories (Unity Linux UTSA-2026-*) reference this CVE and note the issue affects kern...