CVE-2026-23362
- Source
- https://cve.org/CVERecord?id=CVE-2026-23362
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23362.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23362
- Downstream
- Published
- 2026-03-25T10:27:45.476Z
- Modified
- 2026-04-02T13:12:22.861062Z
- Summary
- can: bcm: fix locking for bcm_op runtime updates
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
can: bcm: fix locking for bcm_op runtime updates
Commit c2aba69d0c36 ("can: bcm: add locking for bcmop runtime updates") added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new TXSETUP command in bcmtx_setup().
Usually the RXSETUP only handles and filters incoming traffic with one exception: When the RXRTRFRAME flag is set a predefined CAN frame is sent when a specific RTR frame is received. Therefore the rx bcmop uses bcmcantx() which uses the bcmtxlock that was only initialized in bcmtxsetup(). Add the missing spinlockinit() when allocating the bcmop in bcmrx_setup() to handle the RTR case properly.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23362.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/70e951afad4c025261fe3c952d2b07237e320a01
- https://git.kernel.org/stable/c/800f26f11ae37b17f58e0001f28a47dd75c26557
- https://git.kernel.org/stable/c/8215ba7bc99e84e66fd6938874ec4330a9d96518
- https://git.kernel.org/stable/c/8bcf2d847adb82b2c617456f6da17ac5e6c75285
- https://git.kernel.org/stable/c/c35636e91e392e1540949bbc67932167cb48bc3a
- https://git.kernel.org/stable/c/f0c349b2c21b220af5ba19f29b885e222958d796
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23362.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23362
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2a437b86ac5a9893c902f30ef66815bf13587bf6Fixed800f26f11ae37b17f58e0001f28a47dd75c26557
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced76c84c3728178b2d38d5604e399dfe8b0752645eFixed70e951afad4c025261fe3c952d2b07237e320a01
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedcc55dd28c20a6611e30596019b3b2f636819a4c0Fixed8bcf2d847adb82b2c617456f6da17ac5e6c75285
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc2aba69d0c36a496ab4f2e81e9c2b271f2693fd7Fixed8215ba7bc99e84e66fd6938874ec4330a9d96518Fixedf0c349b2c21b220af5ba19f29b885e222958d796Fixedc35636e91e392e1540949bbc67932167cb48bc3a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected8f1c022541bf5a923c8d6fa483112c15250f30a4Last affected7595de7bc56e0e52b74e56c90f7e247bf626d628Last affectedfbd8fdc2b218e979cfe422b139b8f74c12419d1fLast affectedc4e8a172501e677ebd8ea9d9161d97dc4df56fbd
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.167
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.130
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.77
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.17
- Type
- ECOSYSTEM
- Events
-
Introduced6.15.0Fixed6.19.7