CVE-2026-23155

CWE-476NULL Pointer DereferenceCWE-8247 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Sinc commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error") a failing resubmit URB will print an info message. In the case of a short read where netdev has not yet been assigned, initialize as NULL to avoid dereferencing an undefined value. Also report the error value of the failed resubmit.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel4 versions+3
CVEListV5linux/linuxaa8a8866c533a150be4763bcb27993603bd5426caed58a28ea71a0d7d0947190fab1e3f4daa1d4a5+7
Debianlinux< 6.18.9-1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-qrjv-2grw-rfj4: In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Sinc commit 79a6d2026-02-14
CVEList
can: gs_usb: gs_usb_receive_bulk_callback(): fix error message2026-02-14
OSV
CVE-2026-23155: In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Sinc commit 79a6d1b2026-02-14

📋Vendor Advisories

2
Red Hat
kernel: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message2026-02-14
Debian
CVE-2026-23155: linux - In the Linux kernel, the following vulnerability has been resolved: can: gs_usb...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23155 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23155 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io