VYPR

ucan

by Linux

CVEs (2)

  • CVE-2025-22003MedApr 3, 2025
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix out of bound read in strscpy() source Commit 7fdaf8966aae ("can: ucan: use strscpy() to instead of strncpy()") unintentionally introduced a one byte out of bound read on strscpy()'s source…

  • CVE-2026-23298MedMar 25, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucan_read_bulk_callback(), hanging…