CVE-2025-68307
Description
In the Linux kernel, the following vulnerability has been resolved:
can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and ultimately to a complete stop of the transmission.
If the sending of a bulk URB fails do proper cleanup: - increase netdev stats - mark the echo_sbk as free - free the driver's context and do accounting - wake the send queue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A bug in the Linux kernel's gs_usb CAN driver fails to clean up failed USB bulk transfers, leading to resource exhaustion and complete transmission stall.
In the Linux kernel's CAN driver for USB devices (gs_usb), a vulnerability exists in the gs_usb_xmit_callback() function where failed transmitted URBs are not properly cleaned up. This causes a leak of URB resources, reducing the number of available URBs each time a transmission error occurs.
The attack surface is local; an attacker would need to be able to trigger USB transmission failures on a system using a gs_usb CAN device. This could be achieved by physical access or by exploiting other vulnerabilities that cause USB errors. No authentication is required beyond the ability to interact with the CAN interface.
Impact: Over time, the resource leak leads to degraded performance and ultimately a complete stop of all CAN transmissions from the driver, resulting in denial of service.
Mitigation: The vulnerability is fixed in the Linux kernel by commits [1], [2], and [3] which implement proper cleanup: netdev stats increment, echo skb marking as free, driver context freeing, and waking the send queue. Users should apply the kernel update.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- git.kernel.org/stable/c/1a588c40a422a3663a52f1c5535e8fb6b044167dnvd
- git.kernel.org/stable/c/4a82072e451eacf24fc66a445e906f5095d215dbnvd
- git.kernel.org/stable/c/516a0cd1c03fa266bb67dd87940a209fd4e53ce7nvd
- git.kernel.org/stable/c/9c8eb33b7008178b6ce88aa7593d12063ce60ca3nvd
- git.kernel.org/stable/c/f7a5560675bd85efaf16ab01a43053670ff2b000nvd
News mentions
0No linked articles in our index yet.