Main Vulnerability Database SB2025122337

SB2025122337 - Input validation error in Linux kernel can usb driver

Published: December 23, 2025

Security Bulletin ID SB2025122337

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2025-68342)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the gs_usb_get_echo_skb() and gs_usb_receive_bulk_callback() functions in drivers/net/can/usb/gs_usb.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/395d988f93861101ec89d0dd9e3b876ae9392a5b
https://git.kernel.org/stable/c/4ffac725154cf6a253f5e6aa0c8946232b6a0af5
https://git.kernel.org/stable/c/ad55004a3cb5b41ef78aa6c09e7bc5a489ba652b
https://git.kernel.org/stable/c/fb0c7c77a7ae3a2c3404b7d0173b8739a754b513