CVE-2026-23031
Deferred - Pending Action
BaseFortify

Publication date: 2026-01-31

Last updated on: 2026-06-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak

In gs_can_open(), the URBs for USB-in transfers are allocated, added to the parent->rx_submitted anchor and submitted. In the complete callback gs_usb_receive_bulk_callback(), the URB is processed and resubmitted. In gs_can_close() the URBs are freed by calling usb_kill_anchored_urbs(parent->rx_submitted).

However, this does not take into account that the USB framework unanchors the URB before the complete function is called. This means that once an in-URB has been completed, it is no longer anchored and is ultimately not released in gs_can_close().

Fix the memory leak by anchoring the URB in the gs_usb_receive_bulk_callback() to the parent->rx_submitted anchor.
Meta Information
Published: 2026-01-31
Last Modified: 2026-06-02
Generated: 2026-06-16
AI Q&A: 2026-01-31
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 1 associated CPE
Vendor: linux_kernel
Product: linux_kernel
Version / Range: *
CWE ID: CWE-UNKNOWN
Executive Summary

This vulnerability is a memory leak in the Linux kernel's gs_usb driver related to USB-in transfer URBs (USB Request Blocks). When URBs are completed, they are unanchored by the USB framework before the completion callback is called, causing them not to be properly released in the gs_can_close() function. This leads to a memory leak because the URBs are not freed as expected. The fix involves re-anchoring the URB in the completion callback to ensure proper cleanup.
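
The lifecycle described above, as an added userspace model (not kernel or gs_usb driver code): the anchor is emptied before the completion callback runs, and the function counts URBs that close never releases, with and without re-anchoring in the callback. All names (urb_model, anchor_model, leaked_after_close) and the URB count are assumptions made for illustration.

```c
/* Userspace model of the URB anchor lifecycle. NOT kernel code: every type
 * and function name here is hypothetical and exists only in this example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define NUM_RX_URBS 4   /* constructed value, not the driver's real count */

struct urb_model { bool freed; };
struct anchor_model { struct urb_model *urbs[NUM_RX_URBS]; };

/* Models one completion: the core unanchors the URB first, then the
 * callback runs and resubmits it (resubmission itself is not modelled). */
static void complete_urb(struct anchor_model *a, int slot, bool reanchor)
{
    struct urb_model *u = a->urbs[slot];
    a->urbs[slot] = NULL;      /* unanchored before the callback is called */
    if (reanchor)
        a->urbs[slot] = u;     /* fixed callback: anchor again */
}

/* Models close: only URBs still on the anchor are killed and released. */
static void kill_anchored(struct anchor_model *a)
{
    for (int i = 0; i < NUM_RX_URBS; i++)
        if (a->urbs[i]) {
            a->urbs[i]->freed = true;
            a->urbs[i] = NULL;
        }
}

/* Open, complete `completed` URBs once each, close; return URBs not freed. */
int leaked_after_close(int completed, bool reanchor)
{
    struct urb_model pool[NUM_RX_URBS] = {0};
    struct anchor_model rx_submitted = {0};
    int leaked = 0;

    for (int i = 0; i < NUM_RX_URBS; i++)
        rx_submitted.urbs[i] = &pool[i];      /* open: anchor and submit */
    for (int i = 0; i < completed && i < NUM_RX_URBS; i++)
        complete_urb(&rx_submitted, i, reanchor);
    kill_anchored(&rx_submitted);
    for (int i = 0; i < NUM_RX_URBS; i++)
        leaked += !pool[i].freed;
    return leaked;
}

int main(void)
{
    printf("leaked without re-anchor: %d, with re-anchor: %d\n",
           leaked_after_close(3, false), leaked_after_close(3, true));
    return 0;
}
```

In the model, every URB that completed at least once before close is leaked unless the callback puts it back on the anchor; URBs that never completed are released either way.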

Impact Analysis

The memory leak caused by this vulnerability can lead to increased memory usage over time, potentially causing system instability or degraded performance in systems using the affected Linux kernel gs_usb driver. This could affect devices relying on USB CAN interfaces by exhausting system memory resources.

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the gs_usb_receive_bulk_callback() URB memory leak. This fix involves properly anchoring the URB in the callback to prevent memory leaks. Until the update is applied, consider limiting or disabling the use of the gs_usb driver if possible to reduce exposure.
