{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T20:53:38.588","vulnerabilities":[{"cve":{"id":"CVE-2026-23298","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-03-25T11:16:25.320","lastModified":"2026-04-18T09:16:17.590","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ucan: Fix infinite loop from zero-length messages\n\nIf a broken ucan device gets a message with the message length field set\nto 0, then the driver will loop for forever in\nucan_read_bulk_callback(), hanging the system.  If the length is 0, just\nskip the message and go on to the next one.\n\nThis has been fixed in the kvaser_usb driver in the past in commit\n0c73772cd2b8 (\"can: kvaser_usb: leaf: Fix potential infinite loop in\ncommand parsers\"), so there must be some broken devices out there like\nthis somewhere."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ncan: ucan: Corrección de bucle infinito por mensajes de longitud cero\n\nSi un dispositivo ucan defectuoso recibe un mensaje con el campo de longitud del mensaje establecido en 0, entonces el controlador entrará en un bucle infinito en ucan_read_bulk_callback(), colgando el sistema. Si la longitud es 0, simplemente omita el mensaje y pase al siguiente.\n\nEsto ha sido corregido en el controlador kvaser_usb en el pasado en el commit 0c73772cd2b8 ('can: kvaser_usb: leaf: Corrección de posible bucle infinito en los analizadores de comandos'), así que debe haber algunos dispositivos defectuosos por ahí como este en algún lugar."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/13b646eec3ba1131180803f5aaf1fee23540ad8f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/1e446fd0582ad8be9f6dafb115fc2e7245f9bea7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/aa9e0a7fe5efc2f74327fd37d828e9a51d9ff588","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/ab6f075492d37368b4c7b0df7f7fdc2b666887fc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/bd85f21a6219aeae4389d700c54f1799f4b814e0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/c7bc62be6c1a60bb21301692009590b1ffda91d9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/ca07d3c6eef14d34e6fdeefe55058db045be29dc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/e7bb6e0606b5f233531aaaad9542d69fbb792115","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}