-

CVE-2026-23312

EPSS 0.04%
Veröffentlicht 25.03.2026 10:27:07
Zuletzt bearbeitet 18.04.2026 09:16:18
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

net: usb: kaweth: validate USB endpoints

In the Linux kernel, the following vulnerability has been resolved:

net: usb: kaweth: validate USB endpoints

The kaweth driver should validate that the device it is probing has the
proper number and types of USB endpoints it is expecting before it binds
to it.  If a malicious device were to not have the same urbs the driver
will crash later on when it blindly accesses these endpoints.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 13

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < 3b5075e4ce97d1a1ce82ff3fb6308761987a48bb

Status affected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < 6c986abd2a5033633c6e6f9dd135cf96b19c7fdf

Status affected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < 7c7ebf5e45d2504d92ea294ac3828d58586491df

Status affected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < 72f90f481c6a059680b9b976695d4cfb04fba1f3

Status affected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < f33e80d195a003b384620ee240f69092b519146b

Status affected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < 2795fc06e7652c0ba299d936c584d5e08b6b57a1

Status affected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < 0aae18e4638a7c1c579df92bc6edc36cedfaaa8c

Status affected

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Version < 4b063c002ca759d1b299988ee23f564c9609c875

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.12

Status affected

Version 0

Version < 2.6.12

Status unaffected

Version <= 5.10.*

Version 5.10.253

Status unaffected

Version <= 5.15.*

Version 5.15.203

Status unaffected

Version <= 6.1.*

Version 6.1.167

Status unaffected

Version <= 6.6.*

Version 6.6.130

Status unaffected

Version <= 6.12.*

Version 6.12.77

Status unaffected

Version <= 6.18.*

Version 6.18.17

Status unaffected

Version <= 6.19.*

Version 6.19.7

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.102

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/7c7ebf5e45d2504d92ea294ac3828d58586491df

https://git.kernel.org/stable/c/72f90f481c6a059680b9b976695d4cfb04fba1f3

https://git.kernel.org/stable/c/f33e80d195a003b384620ee240f69092b519146b

https://git.kernel.org/stable/c/2795fc06e7652c0ba299d936c584d5e08b6b57a1

https://git.kernel.org/stable/c/0aae18e4638a7c1c579df92bc6edc36cedfaaa8c

https://git.kernel.org/stable/c/4b063c002ca759d1b299988ee23f564c9609c875

https://git.kernel.org/stable/c/3b5075e4ce97d1a1ce82ff3fb6308761987a48bb

https://git.kernel.org/stable/c/6c986abd2a5033633c6e6f9dd135cf96b19c7fdf

https://nvd.nist.gov/vuln/detail/CVE-2026-23312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-23312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-23312

EUVD