Vulnerability Details CVE-2026-23155
In the Linux kernel, the following vulnerability has been resolved:
can: gs_usb: gs_usb_receive_bulk_callback(): fix error message
Sinc commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback():
unanchor URL on usb_submit_urb() error") a failing resubmit URB will print
an info message.
In the case of a short read where netdev has not yet been assigned,
initialize as NULL to avoid dereferencing an undefined value. Also report
the error value of the failed resubmit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.7%
CVSS Severity
CVSS v3 Score 5.5
References
- https://git.kernel.org/stable/c/494fc029f662c331e06b7c2031deff3c64200eed
- https://git.kernel.org/stable/c/713ba826ae114ab339c9a1b31e209bebdadb0ac9
- https://git.kernel.org/stable/c/8986cdf52f86208df9c7887fee23365b5d37da26
- https://git.kernel.org/stable/c/923379f1d7e3af8ccbf11edbbcf41f1bb3e9cfe6
- https://git.kernel.org/stable/c/aed58a28ea71a0d7d0947190fab1e3f4daa1d4a5
Products affected by CVE-2026-23155
-
cpe:2.3:o:linux:linux_kernel:6.12.68
-
cpe:2.3:o:linux:linux_kernel:6.18.8
-
cpe:2.3:o:linux:linux_kernel:6.19
-
cpe:2.3:o:linux:linux_kernel:6.6.122