CVE-2026-23031

CVSS v2.0

5.5

Medium

Vector

AV:A/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the gs can open() function related to USB-in transfer URBs. The URBs are allocated and submitted, but not always freed in gs can close() due to the USB framework unanchoring them before the completion function is called. Specifically, the issue occurs in the gs usb receive bulk callback() function where the URB is processed and resubmitted. The fix involves anchoring the URB in gs usb receive bulk callback() to the parent->rx submitted anchor.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Release of Resource after Effective Lifetime

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772CWE-401

Related Identifiers

BDU:2026-04471

CVE-2026-23031

ECHO-4166-3833-E3A2

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21284-1

USN-8278-1

USN-8289-1

USN-8296-1

Affected Products

Linux Kernel

Ubuntu

CVE-2026-23031

Weakness Enumeration

Related Identifiers

Affected Products

References · 612