{"id":"AZL-72995","summary":"CVE-2025-68343 affecting package kernel for versions less than 6.6.119.3-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header\n\nThe driver expects to receive a struct gs_host_frame in\ngs_usb_receive_bulk_callback().\n\nUse struct_group to describe the header of the struct gs_host_frame and\ncheck that we have at least received the header before accessing any\nmembers of it.\n\nTo resubmit the URB, do not dereference the pointer chain\n\"dev-\u003eparent-\u003ehf_size_rx\" but use \"parent-\u003ehf_size_rx\" instead. Since\n\"urb-\u003econtext\" contains \"parent\", it is always defined, while \"dev\" is not\ndefined if the URB is too short.","modified":"2026-04-01T05:22:14.535376Z","published":"2025-12-23T14:16:40Z","upstream":["CVE-2025-68343"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68343"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.119.3-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-72995.json"}}],"schema_version":"1.7.5"}