A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 3.16 (including) | 3.16.79 (excluding) |
Linux_kernel | Linux | 3.17 (including) | 4.4.201 (excluding) |
Linux_kernel | Linux | 4.5 (including) | 4.9.201 (excluding) |
Linux_kernel | Linux | 4.10 (including) | 4.14.154 (excluding) |
Linux_kernel | Linux | 4.15 (including) | 4.19.84 (excluding) |
Linux_kernel | Linux | 4.20 (including) | 5.3.11 (excluding) |