DEBIAN-CVE-2025-68343
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved:

can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header

The driver expects to receive a struct gs_host_frame in gs_usb_receive_bulk_callback(). Use struct_group to describe the header of the struct gs_host_frame and check that we have at least received the header before accessing any members of it.

To resubmit the URB, do not dereference the pointer chain "dev->parent->hf_size_rx" but use "parent->hf_size_rx" instead. Since "urb->context" contains "parent", it is always defined, while "dev" is not defined if the URB is too short.
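The check described above, as an added example that is not the kernel driver's code: a userspace C model in which the header is validated against the received length before any field is read, and the resubmit size is taken from the parent context. The struct layout, `rx_callback`, `parent_state` and the channel bounds check are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace model. All names and the layout are assumptions for illustration. */
struct frame_hdr {                 /* fixed header that must be fully received */
    uint32_t echo_id;
    uint32_t can_id;
    uint8_t  can_dlc, channel, flags, reserved;
};
struct host_frame { struct frame_hdr hdr; uint8_t data[8]; };

struct parent_state {              /* plays the role of urb->context */
    size_t hf_size_rx;             /* buffer size used when resubmitting */
    unsigned int channel_cnt;      /* number of valid channels */
};

enum rx_result { RX_OK, RX_SHORT_HEADER, RX_BAD_CHANNEL };

/* Validate a received buffer; *resubmit_len is set on every path. */
enum rx_result rx_callback(const struct parent_state *parent, const uint8_t *buf,
                           size_t actual_length, size_t *resubmit_len)
{
    struct frame_hdr hdr;

    /* Taken from parent, which is valid even when no channel can be resolved. */
    *resubmit_len = parent->hf_size_rx;

    /* The channel lives in the header, so nothing is read before this check. */
    if (actual_length < sizeof(hdr))
        return RX_SHORT_HEADER;
    memcpy(&hdr, buf, sizeof(hdr));

    if (hdr.channel >= parent->channel_cnt)
        return RX_BAD_CHANNEL;
    return RX_OK;
}

int main(void)
{
    struct parent_state parent = { sizeof(struct host_frame), 2 };
    uint8_t buf[sizeof(struct host_frame)] = { 0 };   /* constructed input */
    size_t resubmit = 0;

    /* Only 4 of the 12 header bytes arrived: rejected, resubmit size still set. */
    printf("%d %zu\n", rx_callback(&parent, buf, 4, &resubmit), resubmit);
    return 0;
}
```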
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | linux | 0, 6.1.112-1, 6.1.38-2 |
| Debian:11 | linux | 6.10.6-1, 6.14.5-1, 6.14.6-1 |
| Debian:13 | linux | 0, 6.12.38-1, 6.12.41-1 |
| Debian:14 | linux | 6.16.8-1, 6.16.9-1, 6.16 |
| Debian:11 | linux-6.1 | 6.1.119-1, 6.1.128-1, 6.1.129-1 |
Timeline
- Dec 23, 2025 CVE Published
- Apr 28, 2026 CVE Updated