CVE-2026-23058

NONE EPSS 7.0%
Published Feb 4, 20264mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Feb 4, 2026 4mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"). In ems_usb_open(), the URBs for USB-in transfers are allocated, added to the dev->rx_submitted anchor and submitted. In the complete callback ems_usb_read_bulk_callback(), the URBs are processed and resubmitted. In ems_usb_close() the URBs are freed by calling usb_kill_anchored_urbs(&dev->rx_submitted). However, this does not take into account that the USB framework unanchors the URB before the complete function is called. This means that once an in-URB has been completed, it is no longer anchored and is ultimately not released in ems_usb_close(). Fix the memory leak by anchoring the URB in the ems_usb_read_bulk_callback() to the dev->rx_submitted anchor.

Threat Intelligence

EPSS Exploit Probability
7.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 7

  • git.kernel.org https://git.kernel.org/stable/c/0ce73a0eb5a27070957b67fd74059b6da89cc516
  • git.kernel.org https://git.kernel.org/stable/c/46a191ff7eeec33a2ccb2a1bfea34e18fbc5dc1a
  • git.kernel.org https://git.kernel.org/stable/c/61e6d3674c3d1da1475dc207b3e75c55d678d18e
  • git.kernel.org https://git.kernel.org/stable/c/68c62b3e53901846b5f68c5a8bade72a5d9c0b87
  • git.kernel.org https://git.kernel.org/stable/c/e2c71030dc464d437110bcfb367c493fd402bddb
  • git.kernel.org https://git.kernel.org/stable/c/e9410fdd4d5f7eaa6526d8c80e83029d7c86a8e8
  • git.kernel.org https://git.kernel.org/stable/c/f48eabd15194b216030b32445f44230df95f5fe0

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.