CVE-2026-23324

EUVD-2026-15277
In the Linux kernel, the following vulnerability has been resolved:

can: usb: etas_es58x: correctly anchor the urb in the read bulk callback

When submitting an urb, that is using the anchor pattern, it needs to be
anchored before submitting it otherwise it could be leaked if
usb_kill_anchored_urbs() is called.  This logic is correctly done
elsewhere in the driver, except in the read bulk callback so do that
here also.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.13.1 ≤
𝑥
< 5.15.203
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.167
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.130
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.77
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.17
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.7
linuxlinux_kernel
5.13
linuxlinux_kernel
7.0:rc1
linuxlinux_kernel
7.0:rc2
linuxlinux_kernel
7.0:rc3
linuxlinux_kernel
7.0:rc4
linuxlinux_kernel
7.0:rc5
linuxlinux_kernel
7.0:rc6
linuxlinux_kernel
7.0:rc7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
6.1.170-3
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.251-4
fixed
forky
7.0.4-1
fixed
sid
7.0.4-1
fixed
trixie
vulnerable
trixie (security)
6.12.86-1
fixed
linux-6.1
bullseye (security)
6.1.170-3~deb11u1
fixed
References
https://git.kernel.org/stable/c/18eee279e9b5bff0db1aca9475ae4bc12804f05c
https://git.kernel.org/stable/c/2185ea6e4ebcb61d1224dc7d187c59723cb5ad59
https://git.kernel.org/stable/c/5eaad4f768266f1f17e01232ffe2ef009f8129b7
https://git.kernel.org/stable/c/7a0171b4921ad443fee5ed4fcb9d99fa4776edac
https://git.kernel.org/stable/c/b878444519fa03a3edd287d1963cf79ef78be2f1
https://git.kernel.org/stable/c/b8f9ca88253574638bcff38900a4c28d570b1919
https://git.kernel.org/stable/c/f6e90c113c92e83fc0963d5e60e16b0e8a268981