VDB
CVE-2026-23347
CVE-2026-23347
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usb_kill_anchored_urbs() is called. This logic is correctly done elsewhere in the driver, except in the read bulk callback so do that here also.
EPSS 0.02% · 4.7th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.02%
4.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 7.0, 88da17436973e463bed59bea79771fb03a21555e, 6.6.130 |
| linux | linux_kernel | 6.5, 6.5, 6.5 |
Exploit Intelligence
- CIRCL seen: CVE-2026-23347 (circl-sighting)
- CIRCL seen: CVE-2026-23347 (circl-sighting)
- https://git.kernel.org/stable/c/54ee74307165b348b2fddcd7942eb48fb4ee1237 (circl)
- https://git.kernel.org/stable/c/c001214e12202338425d6dda5d2a1919d674282d (circl)
- https://git.kernel.org/stable/c/f6d80b104f904a6da922907394eec66d3e2ffc57 (circl)
- https://git.kernel.org/stable/c/7724645c4792914cd07f36718816c5369cc57970 (circl)
- https://git.kernel.org/stable/c/952caa5da10bed22be09612433964f6877ba0dde (circl)
- 4593.2.0.yml (github-poc)
- 4593.2.0.yml (github-poc)
- 4593.2.0.yml (github-poc)
…and 7 more exploits
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 29, 2026 Security Advisory
- Mar 29, 2026 PoC Published
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
References
- https://git.kernel.org/stable/c/54ee74307165b348b2fddcd7942eb48fb4ee1237 url
- https://git.kernel.org/stable/c/c001214e12202338425d6dda5d2a1919d674282d url
- https://git.kernel.org/stable/c/f6d80b104f904a6da922907394eec66d3e2ffc57 url
- https://git.kernel.org/stable/c/7724645c4792914cd07f36718816c5369cc57970 url
- https://git.kernel.org/stable/c/952caa5da10bed22be09612433964f6877ba0dde url
- https://nvd.nist.gov/vuln/detail/CVE-2026-23347 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23396 advisory
…and 128 more