CVE-2026-23312

MEDIUM EPSS 2.4%
Published Mar 25, 20263mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 13

VendorProductVersionRange
linuxlinux_kernel*≥2.6.12.1  –  <5.10.253
linuxlinux_kernel*≥5.11  –  <5.15.203
linuxlinux_kernel*≥5.16  –  <6.1.167
linuxlinux_kernel*≥6.2  –  <6.6.130
linuxlinux_kernel*≥6.7  –  <6.12.77
linuxlinux_kernel*≥6.13  –  <6.18.17
linuxlinux_kernel*≥6.19  –  <6.19.7
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel7.0any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0aae18e4638a7c1c579df92bc6edc36cedfaaa8c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2795fc06e7652c0ba299d936c584d5e08b6b57a1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3b5075e4ce97d1a1ce82ff3fb6308761987a48bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4b063c002ca759d1b299988ee23f564c9609c875
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c986abd2a5033633c6e6f9dd135cf96b19c7fdf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/72f90f481c6a059680b9b976695d4cfb04fba1f3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c7ebf5e45d2504d92ea294ac3828d58586491df
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f33e80d195a003b384620ee240f69092b519146b
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0aae18e4638a7c1c579df92bc6edc36cedfaaa8c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2795fc06e7652c0ba299d936c584d5e08b6b57a1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3b5075e4ce97d1a1ce82ff3fb6308761987a48bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4b063c002ca759d1b299988ee23f564c9609c875
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c986abd2a5033633c6e6f9dd135cf96b19c7fdf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/72f90f481c6a059680b9b976695d4cfb04fba1f3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c7ebf5e45d2504d92ea294ac3828d58586491df
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f33e80d195a003b384620ee240f69092b519146b
    Patch