CVE-2026-23347

MEDIUM EPSS 2.8%
Published Mar 25, 20263mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usb_kill_anchored_urbs() is called. This logic is correctly done elsewhere in the driver, except in the read bulk callback so do that here also.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥6.5.1  –  <6.6.130
linuxlinux_kernel*≥6.7  –  <6.12.77
linuxlinux_kernel*≥6.13  –  <6.18.17
linuxlinux_kernel*≥6.19  –  <6.19.7
linuxlinux_kernel6.5any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/54ee74307165b348b2fddcd7942eb48fb4ee1237
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7724645c4792914cd07f36718816c5369cc57970
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/952caa5da10bed22be09612433964f6877ba0dde
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c001214e12202338425d6dda5d2a1919d674282d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6d80b104f904a6da922907394eec66d3e2ffc57
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/54ee74307165b348b2fddcd7942eb48fb4ee1237
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7724645c4792914cd07f36718816c5369cc57970
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/952caa5da10bed22be09612433964f6877ba0dde
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c001214e12202338425d6dda5d2a1919d674282d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6d80b104f904a6da922907394eec66d3e2ffc57
    Patch