CVE-2026-23155

MEDIUM

Linux Kernel 6.6.122-6.6.123 6.12.68-6.12.69 6.18.8-6.18.9 - NULL Pointer Dereference in gs_usb_receive_bulk_callback

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Sinc commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error") a failing resubmit URB will print an info message. In the case of a short read where netdev has not yet been assigned, initialize as NULL to avoid dereferencing an undefined value. Also report the error value of the failed resubmit.

References (6)

Core 6

Core References

https://git.kernel.org/stable/c/7a431df418ee6b79841e0b4c7c265a791e3d0a75

Patch

https://git.kernel.org/stable/c/aed58a28ea71a0d7d0947190fab1e3f4daa1d4a5

Patch

https://git.kernel.org/stable/c/923379f1d7e3af8ccbf11edbbcf41f1bb3e9cfe6

Patch

https://git.kernel.org/stable/c/8986cdf52f86208df9c7887fee23365b5d37da26

Patch

https://git.kernel.org/stable/c/713ba826ae114ab339c9a1b31e209bebdadb0ac9

Patch

https://git.kernel.org/stable/c/494fc029f662c331e06b7c2031deff3c64200eed

Scores

CVSS v3 5.5

EPSS 0.0011

EPSS Percentile 1.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (16)

linux/Kernel 6.12.68 - 6.12.69linux

linux/Kernel 6.18.8 - 6.18.9linux

linux/Kernel 6.6.122 - 6.6.123linux

Linux/Linux 6.12.68 - 6.12.69

Linux/Linux 6.18.8 - 6.18.9

Linux/Linux 6.6.122 - 6.6.123

Linux/Linux 79a6d1bfe1148bc921b8d7f3371a7fbce44e30f7 - 494fc029f662c331e06b7c2031deff3c64200eed

Linux/Linux aa8a8866c533a150be4763bcb27993603bd5426c - aed58a28ea71a0d7d0947190fab1e3f4daa1d4a5

Linux/Linux c3edc14da81a8d8398682f6e4ab819f09f37c0b7 - 713ba826ae114ab339c9a1b31e209bebdadb0ac9

Linux/Linux c610b550ccc0438d456dfe1df9f4f36254ccaae3 - 8986cdf52f86208df9c7887fee23365b5d37da26

... and 6 more

Published Feb 14, 2026

Tracked Since Feb 18, 2026