Linux Kernel UCAN Driver Infinite Loop Vulnerability

Vulnerability

A vulnerability in the Linux kernel's UCAN USB driver can cause an infinite loop, leading to a system hang. The issue is triggered when a faulty UCAN device sends a message whose length field is zero: the driver never advances past that message and gets stuck in the 'ucan_read_bulk_callback()' function, unable to process further messages. The same problem has already been addressed in the Kvaser USB driver, which indicates that such faulty devices exist.

Impact

The vulnerability causes a denial of service by creating an infinite loop that hangs the system.

Reproduction

To reproduce this vulnerability, connect a broken UCAN device that sends messages with the length field set to zero. The 'ucan_read_bulk_callback()' function will enter an infinite loop, causing the system to hang.
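The loop pattern behind this bug and its hardened form, as an added example in C that is not the kernel's ucan driver code; the 2-byte little-endian length header, the function names and the sample buffers are assumptions made for illustration:

```c
#include <stdint.h>
#include <stdio.h>
#define HDR_LEN 2  /* assumed format: 2-byte LE length field, header included */

static size_t msg_len(const uint8_t *buf, size_t pos)
{
    return (size_t)buf[pos] | ((size_t)buf[pos + 1] << 8);
}

/* Unchecked pattern: advance by the declared length. A zero length leaves
 * pos unchanged, so the loop never ends. max_steps exists only so this can
 * be run; it returns 1 when the cap is hit, i.e. the loop would have hung. */
int walk_unchecked_stalls(const uint8_t *buf, size_t buflen, int max_steps)
{
    size_t pos = 0; int steps = 0;
    while (pos + HDR_LEN <= buflen) {
        if (++steps > max_steps)
            return 1;
        pos += msg_len(buf, pos);
    }
    return 0;
}

/* Hardened walker: returns the number of messages consumed, or -1 when a
 * header declares a length that makes no progress (shorter than the header)
 * or overruns the buffer, so the caller drops the transfer instead. */
int walk_checked(const uint8_t *buf, size_t buflen)
{
    size_t pos = 0; int count = 0;
    while (pos + HDR_LEN <= buflen) {
        size_t len = msg_len(buf, pos);
        if (len < HDR_LEN || len > buflen - pos)
            return -1;
        count++;
        pos += len;  /* len >= HDR_LEN guarantees progress */
    }
    return count;
}

/* Constructed sample buffers, not captured from a real device. */
const uint8_t good_buf[] = { 0x05, 0x00, 0xAA, 0xBB, 0xCC, 0x03, 0x00, 0xDD };
const uint8_t bad_buf[]  = { 0x05, 0x00, 0xAA, 0xBB, 0xCC, 0x00, 0x00, 0x11 };

int main(void)
{
    printf("good: %d msgs\n", walk_checked(good_buf, sizeof good_buf));
    printf("bad: %d, unchecked loop stalls: %d\n", walk_checked(bad_buf, sizeof bad_buf),
           walk_unchecked_stalls(bad_buf, sizeof bad_buf, 1000));
    return 0;
}
```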

Remediation

The vulnerability has been fixed in the Linux kernel stable tree. Users can upgrade to the latest version to address this issue.

Added: Mar 25, 2026, 1:10 PM
Updated: Mar 25, 2026, 1:10 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 4.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.