CVE-2026-23347 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usb_kill_anchored_urbs() is called. This logic is correctly done elsewhere in the driver, except in the read bulk callback so do that here also.

PUBLISHED Reserved 2026-01-13 | Published 2026-03-25 | Updated 2026-05-11 | Assigner Linux

Product status

Default status

unaffected

88da17436973e463bed59bea79771fb03a21555e (git) before 54ee74307165b348b2fddcd7942eb48fb4ee1237

affected

88da17436973e463bed59bea79771fb03a21555e (git) before c001214e12202338425d6dda5d2a1919d674282d

affected

88da17436973e463bed59bea79771fb03a21555e (git) before f6d80b104f904a6da922907394eec66d3e2ffc57

affected

88da17436973e463bed59bea79771fb03a21555e (git) before 7724645c4792914cd07f36718816c5369cc57970

affected

88da17436973e463bed59bea79771fb03a21555e (git) before 952caa5da10bed22be09612433964f6877ba0dde

affected

Default status

affected

6.5

affected

Any version before 6.5

unaffected

6.6.130 (semver)

unaffected

6.12.77 (semver)

unaffected

6.18.17 (semver)

unaffected

6.19.7 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/54ee74307165b348b2fddcd7942eb48fb4ee1237

git.kernel.org/...c/c001214e12202338425d6dda5d2a1919d674282d

git.kernel.org/...c/f6d80b104f904a6da922907394eec66d3e2ffc57

git.kernel.org/...c/7724645c4792914cd07f36718816c5369cc57970

git.kernel.org/...c/952caa5da10bed22be09612433964f6877ba0dde

cve.org (CVE-2026-23347)

nvd.nist.gov (CVE-2026-23347)

Download JSON

help @ threatint.eu