CVE-2026-23031
Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-01-31

Last updated on: 2026-04-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak

In gs_can_open(), the URBs for USB-in transfers are allocated, added to the parent->rx_submitted anchor and submitted. In the complete callback gs_usb_receive_bulk_callback(), the URB is processed and resubmitted. In gs_can_close() the URBs are freed by calling usb_kill_anchored_urbs(parent->rx_submitted).

However, this does not take into account that the USB framework unanchors the URB before the complete function is called. This means that once an in-URB has been completed, it is no longer anchored and is ultimately not released in gs_can_close().

Fix the memory leak by anchoring the URB in the gs_usb_receive_bulk_callback() to the parent->rx_submitted anchor.
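The lifecycle described above, as a small userspace C model added here for illustration (it is not the gs_usb driver's code or the kernel patch). The `model_*` names and `MODEL_MAX_URBS` are hypothetical, and a linked list stands in for the parent->rx_submitted anchor.

```c
/* Userspace model of URB anchoring: added illustration, not kernel code; model_* names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#define MODEL_MAX_URBS 8  /* constructed value, not the driver's URB count */

struct model_urb { struct model_urb *next; };
struct model_anchor { struct model_urb *head; };

static void model_anchor_urb(struct model_anchor *a, struct model_urb *u)
{ u->next = a->head; a->head = u; }

static void model_unanchor_urb(struct model_anchor *a, struct model_urb *u)
{
    for (struct model_urb **p = &a->head; *p; p = &(*p)->next)
        if (*p == u) { *p = u->next; u->next = NULL; return; }
}

/* Stand-in for usb_kill_anchored_urbs(): reaches only URBs still on the anchor. */
static int model_kill_anchored(struct model_anchor *a)
{
    int released = 0;
    for (; a->head; released++)
        a->head = a->head->next;
    return released;
}

/* One completion: the core unanchors the URB, then the callback resubmits it. */
static void model_complete(struct model_anchor *a, struct model_urb *u, bool fixed)
{
    model_unanchor_urb(a, u);      /* happens before the callback runs */
    if (fixed)
        model_anchor_urb(a, u);    /* the fix: anchor again in the callback */
}

/* open -> `completions` receive rounds -> close; returns URBs never released. */
int model_leaked_urbs(int nurbs, int completions, bool fixed)
{
    struct model_urb urbs[MODEL_MAX_URBS] = { { NULL } };
    struct model_anchor rx_submitted = { NULL };
    if (nurbs < 0 || nurbs > MODEL_MAX_URBS) return -1;
    for (int i = 0; i < nurbs; i++)
        model_anchor_urb(&rx_submitted, &urbs[i]);
    for (int c = 0; c < completions; c++)
        for (int i = 0; i < nurbs; i++)
            model_complete(&rx_submitted, &urbs[i], fixed);
    return nurbs - model_kill_anchored(&rx_submitted);
}
```

With `fixed` false, every URB that has completed at least once is missed at close; with `fixed` true, none are.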
Meta Information
Published: 2026-01-31
Last Modified: 2026-04-18
Generated: 2026-05-07
AI Q&A: 2026-01-31
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: linux_kernel, Product: linux_kernel, Version / Range: *
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a memory leak in the Linux kernel's gs_usb driver related to USB-in transfer URBs (USB Request Blocks). When URBs are completed, they are unanchored by the USB framework before the completion callback is called, causing them not to be properly released in the gs_can_close() function. This leads to a memory leak because the URBs are not freed as expected. The fix involves re-anchoring the URB in the completion callback to ensure proper cleanup.


How can this vulnerability impact me?

The memory leak caused by this vulnerability can lead to increased memory usage over time, potentially causing system instability or degraded performance in systems using the affected Linux kernel gs_usb driver. This could affect devices relying on USB CAN interfaces by exhausting system memory resources.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the gs_usb_receive_bulk_callback() URB memory leak. This fix involves properly anchoring the URB in the callback to prevent memory leaks. Until the update is applied, consider limiting or disabling the use of the gs_usb driver if possible to reduce exposure.

