VDB

DEBIAN-CVE-2026-23031

DEBIAN-CVE-2026-23031 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open(), the URBs for USB-in transfers are allocated, added to the parent->rx_submitted anchor and submitted. In the complete callback gs_usb_receive_bulk_callback(), the URB is processed and resubmitted. In gs_can_close() the URBs are freed by calling usb_kill_anchored_urbs(parent->rx_submitted). However, this does not take into account that the USB framework unanchors the URB before the complete function is called. This means that once an in-URB has been completed, it is no longer anchored and is ultimately not released in gs_can_close(). Fix the memory leak by anchoring the URB in the gs_usb_receive_bulk_callback() to the parent->rx_submitted anchor.

Affected Products

VendorProductVersions
Debian:11linux-6.16.1.112-1, *, 6.1.159-1
Debian:13linux6.12.41-1, 0, 6.12.69-1
Debian:11linux6.19-1, 6.11.2-1, 6.11.4-1
Debian:14linux6.15.6-1, 6.17.12-1, 6.17.13-1
Debian:12linux6.1.133-1, 6.1.135-1, 6.1.137-1

Exploit Intelligence

Timeline

  • Jan 31, 2026 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›