{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23155", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.977Z", "datePublished": "2026-02-14T16:01:22.429Z", "dateUpdated": "2026-02-14T16:01:22.429Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-02-14T16:01:22.429Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: gs_usb: gs_usb_receive_bulk_callback(): fix error message\n\nSinc commit 79a6d1bfe114 (\"can: gs_usb: gs_usb_receive_bulk_callback():\nunanchor URL on usb_submit_urb() error\") a failing resubmit URB will print\nan info message.\n\nIn the case of a short read where netdev has not yet been assigned,\ninitialize as NULL to avoid dereferencing an undefined value. Also report\nthe error value of the failed resubmit."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/can/usb/gs_usb.c"], "versions": [{"version": "aa8a8866c533a150be4763bcb27993603bd5426c", "lessThan": "aed58a28ea71a0d7d0947190fab1e3f4daa1d4a5", "status": "affected", "versionType": "git"}, {"version": "ce4352057fc5a986c76ece90801b9755e7c6e56c", "lessThan": "923379f1d7e3af8ccbf11edbbcf41f1bb3e9cfe6", "status": "affected", "versionType": "git"}, {"version": "c610b550ccc0438d456dfe1df9f4f36254ccaae3", "lessThan": "8986cdf52f86208df9c7887fee23365b5d37da26", "status": "affected", "versionType": "git"}, {"version": "c3edc14da81a8d8398682f6e4ab819f09f37c0b7", "lessThan": "713ba826ae114ab339c9a1b31e209bebdadb0ac9", "status": "affected", "versionType": "git"}, {"version": "79a6d1bfe1148bc921b8d7f3371a7fbce44e30f7", "lessThan": "494fc029f662c331e06b7c2031deff3c64200eed", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/can/usb/gs_usb.c"], "versions": [{"version": "6.6.122", "lessThan": "6.6.123", "status": "affected", "versionType": "semver"}, {"version": "6.12.68", "lessThan": "6.12.69", "status": "affected", "versionType": "semver"}, {"version": "6.18.8", "lessThan": "6.18.9", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.122", "versionEndExcluding": "6.6.123"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12.68", "versionEndExcluding": "6.12.69"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18.8", "versionEndExcluding": "6.18.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/aed58a28ea71a0d7d0947190fab1e3f4daa1d4a5"}, {"url": "https://git.kernel.org/stable/c/923379f1d7e3af8ccbf11edbbcf41f1bb3e9cfe6"}, {"url": "https://git.kernel.org/stable/c/8986cdf52f86208df9c7887fee23365b5d37da26"}, {"url": "https://git.kernel.org/stable/c/713ba826ae114ab339c9a1b31e209bebdadb0ac9"}, {"url": "https://git.kernel.org/stable/c/494fc029f662c331e06b7c2031deff3c64200eed"}], "title": "can: gs_usb: gs_usb_receive_bulk_callback(): fix error message", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:6.6.122:*:*:*:*:*:*:*", "matchCriteriaId": "86B92AB2-1FB7-4D1D-8D0C-B6FE241FB4B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12.68:*:*:*:*:*:*:*", "matchCriteriaId": "6B0724BD-589D-42C4-9456-646D8CBCF8A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.18.8:*:*:*:*:*:*:*", "matchCriteriaId": "1356361D-D06B-4A76-8D92-0B20D30F3D59", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*", "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: gs_usb: gs_usb_receive_bulk_callback(): fix error message\n\nSinc commit 79a6d1bfe114 (\"can: gs_usb: gs_usb_receive_bulk_callback():\nunanchor URL on usb_submit_urb() error\") a failing resubmit URB will print\nan info message.\n\nIn the case of a short read where netdev has not yet been assigned,\ninitialize as NULL to avoid dereferencing an undefined value. Also report\nthe error value of the failed resubmit."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ncan: gs_usb: gs_usb_receive_bulk_callback(): corregir mensaje de error\n\nDesde el commit 79a6d1bfe114 ('can: gs_usb: gs_usb_receive_bulk_callback(): desanclar URL en error de usb_submit_urb()'), un URB de reenv\u00edo fallido imprimir\u00e1 un mensaje de informaci\u00f3n.\n\nEn el caso de una lectura corta donde netdev a\u00fan no ha sido asignado, inicializar como NULL para evitar desreferenciar un valor indefinido. Tambi\u00e9n informar el valor de error del reenv\u00edo fallido."}], "id": "CVE-2026-23155", "lastModified": "2026-03-18T14:42:44.383", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-14T16:15:55.653", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/494fc029f662c331e06b7c2031deff3c64200eed"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/713ba826ae114ab339c9a1b31e209bebdadb0ac9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8986cdf52f86208df9c7887fee23365b5d37da26"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/923379f1d7e3af8ccbf11edbbcf41f1bb3e9cfe6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aed58a28ea71a0d7d0947190fab1e3f4daa1d4a5"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message", "id": "2439898", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439898"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncan: gs_usb: gs_usb_receive_bulk_callback(): fix error message\nSinc commit 79a6d1bfe114 (\"can: gs_usb: gs_usb_receive_bulk_callback():\nunanchor URL on usb_submit_urb() error\") a failing resubmit URB will print\nan info message.\nIn the case of a short read where netdev has not yet been assigned,\ninitialize as NULL to avoid dereferencing an undefined value. Also report\nthe error value of the failed resubmit."], "name": "CVE-2026-23155", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23155\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23155\nhttps://lore.kernel.org/linux-cve-announce/2026021415-CVE-2026-23155-32be@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2026-02-16T12:01:12.374052+00:00", "updated": "2026-02-16T12:01:12.374153+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}