CVE-2026-23324

MEDIUM EPSS 2.4%
Published Mar 25, 20263mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: can: usb: etas_es58x: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usb_kill_anchored_urbs() is called. This logic is correctly done elsewhere in the driver, except in the read bulk callback so do that here also.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 14

VendorProductVersionRange
linuxlinux_kernel*≥5.13.1  –  <5.15.203
linuxlinux_kernel*≥5.16  –  <6.1.167
linuxlinux_kernel*≥6.2  –  <6.6.130
linuxlinux_kernel*≥6.7  –  <6.12.77
linuxlinux_kernel*≥6.13  –  <6.18.17
linuxlinux_kernel*≥6.19  –  <6.19.7
linuxlinux_kernel5.13any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/18eee279e9b5bff0db1aca9475ae4bc12804f05c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2185ea6e4ebcb61d1224dc7d187c59723cb5ad59
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5eaad4f768266f1f17e01232ffe2ef009f8129b7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7a0171b4921ad443fee5ed4fcb9d99fa4776edac
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b878444519fa03a3edd287d1963cf79ef78be2f1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b8f9ca88253574638bcff38900a4c28d570b1919
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6e90c113c92e83fc0963d5e60e16b0e8a268981
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/18eee279e9b5bff0db1aca9475ae4bc12804f05c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2185ea6e4ebcb61d1224dc7d187c59723cb5ad59
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5eaad4f768266f1f17e01232ffe2ef009f8129b7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7a0171b4921ad443fee5ed4fcb9d99fa4776edac
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b878444519fa03a3edd287d1963cf79ef78be2f1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b8f9ca88253574638bcff38900a4c28d570b1919
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6e90c113c92e83fc0963d5e60e16b0e8a268981
    Patch