The vulnerability of the ems_pcmcia_add_card() function in the Philips/NXP SJA1000 device driver for the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the emspcmciaaddcard function in the drivers/net/can/sja1000/emspcmcia.c file of the Philips/NXP SJA1000 device driver in the Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

SUSE CVE-2021-47521

In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in emspcmciaaddcard If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev-irq" instead. Also we should check if at least one channel was set up...

CVE-2021-47521

In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in emspcmciaaddcard If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev-irq" instead. Also we should check if at least one channel was set up...

CVE-2021-47521

CVE-2021-47521 affects the Linux kernel via can: sja1000: fix use after free in ems_pcmcia_add_card(). The fix ensures that when the last channel is unavailable, dev is freed and pdev->irq can be used instead, with an additional check that at least one channel was set up. In the available docu...

CVE-2023-5563

The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when built with CONFIGCANAUTOBUSOFFRECOVERY=y. This results in calling ksleep in IRQ context, causing a fatal exception...

Zephyr Security Breach

Zephyr is an extensible real-time operating system RTOS open-sourced by the Zephyr Project. A security vulnerability exists in Zephyr 3.4.0 and earlier versions, which stems from the fact that when built with CONFIGCANAUTOBUSOFFRECOVERY=y, the backend of the SJA1000 CAN controller driver...