CVE-2025-68343

Published: Dic 23, 2025 Last Modified: Dic 23, 2025

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header

The driver expects to receive a struct gs_host_frame in
gs_usb_receive_bulk_callback().

Use struct_group to describe the header of the struct gs_host_frame and
check that we have at least received the header before accessing any
members of it.

To resubmit the URB, do not dereference the pointer chain
'dev->parent->hf_size_rx' but use 'parent->hf_size_rx' instead. Since
'urb->context' contains 'parent', it is always defined, while 'dev' is not
defined if the URB it too short.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,1th

Updated

EPSS Score Trend (Last 83 Days)

https://git.kernel.org/stable/c/18cbce43363c9f84b90a92d57df…

https://git.kernel.org/stable/c/18cbce43363c9f84b90a92d57df341155eee0697

https://git.kernel.org/stable/c/3433680b759646efcacc64fe36a…

https://git.kernel.org/stable/c/3433680b759646efcacc64fe36aa2e51ae34b8f0

https://git.kernel.org/stable/c/616eee3e895b8ca0028163fcb1d…

https://git.kernel.org/stable/c/616eee3e895b8ca0028163fcb1dce5e3e9dea322

https://git.kernel.org/stable/c/6fe9f3279f7d2518439a7962c58…

https://git.kernel.org/stable/c/6fe9f3279f7d2518439a7962c5870c6e9ecbadcf

https://git.kernel.org/stable/c/f31693dc3a584c0ad3937e857b5…

https://git.kernel.org/stable/c/f31693dc3a584c0ad3937e857b59dbc1a7ed2b87