Linux Kernel Use-After-Free Vulnerability in m_can Transmission Handler

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's m_can transmission handler. This issue arises because the function skbcan_put_echo_skb() clones a socket buffer (skb) and then frees it, creating a potential use-after-free condition. The vulnerability affects the m_can version 3.0.x. The issue has been addressed by moving the skbcan_put_echo_skb() call to before the transmission starts in hardware, aligning it with the 3.1.x branch.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, potentially allowing for memory corruption or arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Use-After-Free Vulnerability in m_can Transmission Handler

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating