CVE-2026-23298
ADVISORY - nistSummary
In the Linux kernel, the following vulnerability has been resolved:
can: ucan: Fix infinite loop from zero-length messages
If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucan_read_bulk_callback(), hanging the system. If the length is 0, just skip the message and go on to the next one.
This has been fixed in the kvaser_usb driver in the past in commit 0c73772cd2b8 ("can: kvaser_usb: leaf: Fix potential infinite loop in command parsers"), so there must be some broken devices out there like this somewhere.
EPSS Score: 0.00123 (0.024)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Loop with Unreachable Exit Condition ('Infinite Loop')
ADVISORY - redhat
Unchecked Input for Loop Condition
NIST
CREATED
UPDATED
ADVISORY IDCVE-2026-23298
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.5mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2026-23298
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-23298
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
5.5mediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2026-23298
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.5mediumPhoton
CREATED
UPDATED
ADVISORY ID
CVE-2026-23298
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-