{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-23037","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-01-13T15:37:45.943Z","datePublished":"2026-01-31T11:42:31.689Z","dateUpdated":"2026-05-11T21:58:46.896Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:58:46.896Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: allow partial RX URB allocation to succeed\n\nWhen es58x_alloc_rx_urbs() fails to allocate the requested number of\nURBs but succeeds in allocating some, it returns an error code.\nThis causes es58x_open() to return early, skipping the cleanup label\n'free_urbs', which leads to the anchored URBs being leaked.\n\nAs pointed out by maintainer Vincent Mailhol, the driver is designed\nto handle partial URB allocation gracefully. Therefore, partial\nallocation should not be treated as a fatal error.\n\nModify es58x_alloc_rx_urbs() to return 0 if at least one URB has been\nallocated, restoring the intended behavior and preventing the leak\nin es58x_open()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/can/usb/etas_es58x/es58x_core.c"],"versions":[{"version":"8537257874e949a59c834cecfd5a063e11b64b0b","lessThan":"97250eb05e4b6afe787290e8fd97d0675116c61b","status":"affected","versionType":"git"},{"version":"8537257874e949a59c834cecfd5a063e11b64b0b","lessThan":"aec888f44853584b5a7cd01249806030cf94a73d","status":"affected","versionType":"git"},{"version":"8537257874e949a59c834cecfd5a063e11b64b0b","lessThan":"611e839d2d552416b498ed5593e10670f61fcd4d","status":"affected","versionType":"git"},{"version":"8537257874e949a59c834cecfd5a063e11b64b0b","lessThan":"ba45e3d6b02c97dbb4578fbae7027fd66f3caa10","status":"affected","versionType":"git"},{"version":"8537257874e949a59c834cecfd5a063e11b64b0b","lessThan":"6c5124a60989051799037834f0a1a4b428718157","status":"affected","versionType":"git"},{"version":"8537257874e949a59c834cecfd5a063e11b64b0b","lessThan":"b1979778e98569c1e78c2c7f16bb24d76541ab00","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/can/usb/etas_es58x/es58x_core.c"],"versions":[{"version":"5.13","status":"affected"},{"version":"0","lessThan":"5.13","status":"unaffected","versionType":"semver"},{"version":"5.15.199","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.162","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.122","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.67","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.7","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"6.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"5.15.199"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.1.162"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.6.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.12.67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.18.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/97250eb05e4b6afe787290e8fd97d0675116c61b"},{"url":"https://git.kernel.org/stable/c/aec888f44853584b5a7cd01249806030cf94a73d"},{"url":"https://git.kernel.org/stable/c/611e839d2d552416b498ed5593e10670f61fcd4d"},{"url":"https://git.kernel.org/stable/c/ba45e3d6b02c97dbb4578fbae7027fd66f3caa10"},{"url":"https://git.kernel.org/stable/c/6c5124a60989051799037834f0a1a4b428718157"},{"url":"https://git.kernel.org/stable/c/b1979778e98569c1e78c2c7f16bb24d76541ab00"}],"title":"can: etas_es58x: allow partial RX URB allocation to succeed","x_generator":{"engine":"bippy-1.2.0"}}}}