CVE-2026-23058
Unknown Unknown - Not Provided
Memory Leak in Linux Kernel ems_usb USB Bulk Callback

Publication date: 2026-02-04

Last updated on: 2026-02-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"). In ems_usb_open(), the URBs for USB-in transfers are allocated, added to the dev->rx_submitted anchor and submitted. In the complete callback ems_usb_read_bulk_callback(), the URBs are processed and resubmitted. In ems_usb_close() the URBs are freed by calling usb_kill_anchored_urbs(&dev->rx_submitted). However, this does not take into account that the USB framework unanchors the URB before the complete function is called. This means that once an in-URB has been completed, it is no longer anchored and is ultimately not released in ems_usb_close(). Fix the memory leak by anchoring the URB in the ems_usb_read_bulk_callback() to the dev->rx_submitted anchor.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-04
Last Modified
2026-02-06
Generated
2026-05-07
AI Q&A
2026-02-04
EPSS Evaluated
2026-05-05
NVD
CVE-2026-23058
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux_kernel linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a memory leak in the Linux kernel's ems_usb driver, specifically in the ems_usb_read_bulk_callback() function. The issue arises because USB Request Blocks (URBs) are unanchored by the USB framework before the completion callback is called, causing them not to be properly released in the ems_usb_close() function. As a result, memory allocated for these URBs is not freed, leading to a memory leak.

The fix involves anchoring the URB again within the ems_usb_read_bulk_callback() function to ensure that the URBs remain tracked and are properly freed when the device is closed.


How can this vulnerability impact me? :

This memory leak can cause the system to consume increasing amounts of memory over time when using the ems_usb driver, potentially leading to degraded system performance or instability. In environments where the affected USB device is frequently used, this could result in resource exhaustion, causing crashes or requiring system reboots.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart