Description
In the Linux kernel, the following vulnerability has been resolved:

can: gs_usb: gs_usb_receive_bulk_callback(): fix error message

Since commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback():
unanchor URL on usb_submit_urb() error") a failing resubmit URB will print
an info message.

In the case of a short read where netdev has not yet been assigned,
initialize as NULL to avoid dereferencing an undefined value. Also report
the error value of the failed resubmit.
Published: 2026-02-14
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch Now
AI Analysis

Impact

The Linux kernel CAN gs_usb driver could dereference an unassigned network device pointer when a USB request block (URB) resubmit failed after a short read, because netdev had not yet been assigned when the error message was printed. The dereference could cause a kernel crash, resulting in a denial-of-service. The weakness is classified as CWE-476.

Affected Systems

Affected versions include Linux kernel 6.12.68, 6.18.8, 6.6.122, and the 6.19rc7 release. Distributions shipping any of these kernels are vulnerable until the commit that removes the dereference is applied.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, and the EPSS score of less than 1% suggests a low likelihood of exploitation. The vulnerability is not listed in CISA’s KEV catalog. Based on the description, it is inferred that exploitation would likely require local or physical access to a machine, such as injection of a malicious USB payload or manipulation of a CAN gs_usb operation. Such local exploitation could lead to a system crash, disrupting availability.

Generated by OpenCVE AI on April 18, 2026 at 12:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

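  • Apply a kernel update that includes the fix for CVE-2026-23155. Commit 79a6d1bfe114 is the change that introduced the error message, and 6.12.68, 6.18.8, 6.6.122 and 6.19rc7 are listed as affected, so the fix has to come from a release newer than those.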
  • Disable the CAN gs_usb driver until a patched kernel is available.
  • Allow only trusted USB devices to attach to the system, for example by restricting them via udev rules.


Advisories

No advisories yet.

History

Sat, 18 Apr 2026 09:15:00 +0000


Wed, 18 Mar 2026 14:45:00 +0000

Type: Weaknesses
  Values Added: CWE-476

Type: CPEs
  Values Added:
    cpe:2.3:o:linux:linux_kernel:6.12.68:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.18.8:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.6.122:*:*:*:*:*:*:*

Type: Metrics
  Values Removed: cvssV3_1 {'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}
  Values Added: cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Tue, 17 Feb 2026 00:15:00 +0000

Type: References

Type: Metrics
  Values Removed: threat_severity None
  Values Added:
    cvssV3_1 {'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}
    threat_severity Moderate


Sat, 14 Feb 2026 16:15:00 +0000

Type: Description
  Values Added: In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Since commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error") a failing resubmit URB will print an info message. In the case of a short read where netdev has not yet been assigned, initialize as NULL to avoid dereferencing an undefined value. Also report the error value of the failed resubmit.

Type: Title
  Values Added: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message

Type: First Time appeared
  Values Added:
    Linux
    Linux linux Kernel

Type: CPEs
  Values Added: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Type: Vendors & Products
  Values Added:
    Linux
    Linux linux Kernel

Type: References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-18T08:57:21.313Z

Reserved: 2026-01-13T15:37:45.977Z

Link: CVE-2026-23155

Vulnrichment

No data.

NVD

Status : Modified

Published: 2026-02-14T16:15:55.653

Modified: 2026-04-18T09:16:14.317

Link: CVE-2026-23155

Redhat

Severity : Moderate

Public Date: 2026-02-14T00:00:00Z

Links: CVE-2026-23155 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T12:30:45Z

Weaknesses