Main Vulnerability Database SB2026020469

SB2026020469 - Memory leak in Linux kernel can usb driver

Published: February 4, 2026

Security Bulletin ID SB2026020469

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Memory leak (CVE-ID: CVE-2026-23108)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the usb_8dev_read_bulk_callback() function in drivers/net/can/usb/usb_8dev.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/07e9373739c6388af9d99797cdb2e79dbbcbe92b
https://git.kernel.org/stable/c/59ff56992bba28051ad67cd8cc7b0edfe7280796
https://git.kernel.org/stable/c/ea4a98e924164586066b39f29bfcc7cc9da108cd
https://git.kernel.org/stable/c/f7a980b3b8f80fe367f679da376cf76e800f9480