SB2026032589 - On-Chip Debug and Test Interface With Improper Access Control in Linux kernel can spi driver
Published: March 25, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) On-Chip Debug and Test Interface With Improper Access Control (CVE-ID: CVE-2026-23357)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper sequence of operations in the mcp251x CAN driver when handling error paths during device open. A local user can trigger the mcp251x_open function error path, which calls free_irq() while holding the mpc_lock mutex, leading to a deadlock if an interrupt is pending, resulting in a denial of service.
Exploitation requires access to the CAN device interface and the ability to trigger the error path in mcp251x_open.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/256f0cff6e946c570392bda1d01a65e789a7afd0
- https://git.kernel.org/stable/c/38063cc435b69d56e76f947c10d336fcb2953508
- https://git.kernel.org/stable/c/ab3f894de216f4a62adc3b57e9191888cbf26885
- https://git.kernel.org/stable/c/b73832292cd914e87a55e863ba4413a907e7db6b
- https://git.kernel.org/stable/c/d27f12c3f5e85efc479896af4a69eccb37f75e8e
- https://git.kernel.org/stable/c/e728f444c913a91d290d1824b4770780bbd6378e