CVE-2026-37532 Overview
CVE-2026-37532 is a heap buffer over-read vulnerability in the Automotive Grade Linux (AGL) agl-service-can-low-level component through version 17.1.12. The flaw exists in the bundled isotp-c library, specifically in the isotp_continue_receive function in receive.c, lines 87-89. An attacker on the adjacent CAN bus network can send a crafted Single Frame ISO-TP message that causes memcpy to read up to 8 bytes past the end of the source CAN frame buffer. The issue is classified as CWE-126: Buffer Over-read.
Critical Impact
An attacker with adjacent network access to the CAN bus can trigger out-of-bounds memory reads in the CAN handling service, potentially crashing the service and disrupting vehicle subsystems that depend on it.
Affected Products
- Automotive Grade Linux (AGL) agl-service-can-low-level through 17.1.12
- AGL distributions bundling the affected isotp-c library
- Automotive ECUs and infotainment systems built on vulnerable AGL releases
Discovery Timeline
- 2026-05-01 - CVE-2026-37532 published to NVD
- 2026-05-07 - Last updated in NVD database
Technical Details for CVE-2026-37532
Vulnerability Analysis
The vulnerability resides in the ISO-TP (ISO 15765-2) Single Frame parser used by agl-service-can-low-level. ISO-TP encodes the payload length of a Single Frame in the low 4-bit nibble of the first protocol control information (PCI) byte. This nibble can hold values from 0 to 15. A Classical CAN frame, however, carries at most 8 data bytes. With the PCI byte occupying data[0], only 7 bytes of payload remain, at data[1] through data[7].
The isotp_continue_receive function trusts the declared length without bounding it against the actual frame size. When an attacker sets the length nibble to a value greater than 7, the subsequent memcpy(message.payload, &data[1], payload_length) reads up to 8 bytes beyond the inbound CAN frame buffer. The leaked adjacent heap data is then copied into the ISO-TP message structure for downstream handling.
Root Cause
The root cause is missing input validation on attacker-controlled length metadata. The parser accepts the 4-bit length field as authoritative without comparing it to the maximum payload capacity of a Classical CAN frame (7 bytes for Single Frames). This violates the principle of validating untrusted protocol fields against transport-layer constraints before using them as memory copy sizes.
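As an added illustration (this is not isotp-c's code and not the reproducer the page refers to), the following C program contrasts the length handling the advisory describes with a parser that validates the PCI nibble against both the 7-byte Single Frame limit and the number of bytes actually present in the frame before it is used as a memcpy size. The can_frame_t struct, the function names and the three test vectors are constructed here for demonstration; isotp-c's real types and function signatures differ.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CAN_MAX_DLEN          8   /* Classical CAN data field */
#define ISOTP_SF_MAX_PAYLOAD  7   /* 8 bytes minus the PCI byte at data[0] */

/* Constructed frame type for this example (assumption, not the isotp-c struct). */
typedef struct {
    uint8_t dlc;                  /* bytes actually received on the wire, 0..8 */
    uint8_t data[CAN_MAX_DLEN];
} can_frame_t;

typedef enum {
    ISOTP_OK = 0,
    ISOTP_NOT_SINGLE_FRAME = 1,
    ISOTP_BAD_LENGTH = 2
} isotp_status_t;

/* Models the defect without performing it: how many bytes past the 8-byte
 * data field an unbounded memcpy(dst, &data[1], pci & 0x0F) would read for a
 * given PCI byte. Returns 0 when the copy stays inside the frame. */
int isotp_sf_overread_bytes(uint8_t pci)
{
    int declared = pci & 0x0F;
    int end = 1 + declared;       /* payload starts at data[1] */
    return end > CAN_MAX_DLEN ? end - CAN_MAX_DLEN : 0;
}

/* Hardened Single Frame parser (Classical CAN only; the CAN FD escape form
 * with a zero low nibble and the length in data[1] is deliberately rejected). */
isotp_status_t isotp_parse_single_frame(const can_frame_t *f,
                                        uint8_t *out, size_t out_cap,
                                        size_t *out_len)
{
    if (f->dlc < 1 || f->dlc > CAN_MAX_DLEN)
        return ISOTP_BAD_LENGTH;
    uint8_t pci = f->data[0];
    if ((pci >> 4) != 0x0)                         /* upper nibble 0 = Single Frame */
        return ISOTP_NOT_SINGLE_FRAME;
    size_t declared = pci & 0x0F;
    if (declared == 0 || declared > ISOTP_SF_MAX_PAYLOAD)
        return ISOTP_BAD_LENGTH;                   /* protocol limit: 1..7 */
    if (declared > (size_t)f->dlc - 1)
        return ISOTP_BAD_LENGTH;                   /* fewer bytes on the wire than declared */
    if (declared > out_cap)
        return ISOTP_BAD_LENGTH;                   /* destination too small */
    memcpy(out, &f->data[1], declared);           /* now provably in bounds */
    *out_len = declared;
    return ISOTP_OK;
}

/* Constructed test vectors (not captured traffic). */
static const can_frame_t FRAME_VALID = { 8, {0x03, 0xAA, 0xBB, 0xCC, 0x00, 0x00, 0x00, 0x00} };
static const can_frame_t FRAME_LEN15 = { 8, {0x0F, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x11} };
static const can_frame_t FRAME_SHORT = { 4, {0x05, 0xAA, 0xBB, 0xCC, 0x00, 0x00, 0x00, 0x00} };

/* Parses one frame; returns the accepted payload length, or the negated
 * status code when the frame is rejected. */
int isotp_sf_try(const can_frame_t *f)
{
    uint8_t buf[ISOTP_SF_MAX_PAYLOAD];
    size_t n = 0;
    isotp_status_t st = isotp_parse_single_frame(f, buf, sizeof buf, &n);
    return st == ISOTP_OK ? (int)n : -(int)st;
}

int main(void)
{
    printf("valid frame  -> %d\n", isotp_sf_try(&FRAME_VALID));
    printf("nibble 15    -> %d (unbounded copy would read %d bytes past the frame)\n",
           isotp_sf_try(&FRAME_LEN15), isotp_sf_overread_bytes(0x0F));
    printf("dlc 4, len 5 -> %d\n", isotp_sf_try(&FRAME_SHORT));
    return 0;
}
```

The second bound, against f->dlc, matters even when the nibble is within 1..7: a 4-byte frame declaring 5 payload bytes would otherwise copy stale bytes from the frame buffer into the message.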
Attack Vector
Exploitation requires adjacent network access to the CAN bus carrying ISO-TP traffic to the AGL service. An attacker with physical or logical access to an in-vehicle CAN segment, a connected diagnostic port (OBD-II), or a compromised peer ECU can transmit a malformed Single Frame. The frame contains a PCI byte with the length nibble set between 8 and 15, while the actual data field holds at most 7 payload bytes. When agl-service-can-low-level processes the frame, the over-read occurs and may crash the service, causing a high availability impact on CAN-dependent functionality. See the Automotive Linux Gerrit project for the affected source tree and the GitHub Gist example code referenced by the NVD entry for a reference reproducer.
Detection Methods for CVE-2026-37532
Indicators of Compromise
- ISO-TP Single Frames where the lower nibble of data[0] is greater than 7, indicating a length field exceeding the 7-byte Single Frame capacity.
- Repeated crashes or restarts of the agl-service-can-low-level daemon on AGL-based ECUs.
- Unexpected CAN traffic originating from non-authoritative ECUs or from the OBD-II port targeting service identifiers handled by the affected daemon.
Detection Strategies
- Deploy a CAN intrusion detection system (IDS) rule that flags Single Frames with PCI nibble values of 8 through 15.
- Monitor systemd journal entries on AGL targets for SIGSEGV or SIGABRT signals raised by agl-service-can-low-level.
- Correlate CAN bus anomalies with host-level service crashes to identify exploitation attempts against the ISO-TP stack.
Monitoring Recommendations
- Forward AGL service logs and crash reports to a centralized analytics platform for retention and alerting.
- Baseline normal ISO-TP traffic patterns per ECU and alert on length-field outliers and unsolicited Single Frames.
- Track diagnostic session activity on OBD-II and gateway interfaces, escalating sustained malformed frame bursts for investigation.
How to Mitigate CVE-2026-37532
Immediate Actions Required
- Inventory all AGL deployments and identify devices running agl-service-can-low-level at or below version 17.1.12.
- Restrict physical and logical access to in-vehicle CAN segments, including OBD-II ports, until patched firmware is deployed.
- Apply CAN gateway filtering to block externally sourced ISO-TP Single Frames with malformed length nibbles.
Patch Information
No fixed version was listed in the NVD entry at the time of publication. Track the Automotive Linux Gerrit Project for upstream commits to isotp-c that bound payload_length against the available CAN frame data before invoking memcpy. The corrected logic must reject Single Frames whose declared length exceeds 7 bytes for Classical CAN.
Workarounds
- Configure CAN firewall or gateway rules to drop Single Frames where (data[0] & 0x0F) > 7.
- Disable or sandbox agl-service-can-low-level on devices that do not require ISO-TP transport handling.
- Segment diagnostic and infotainment CAN buses so that untrusted peers cannot reach the affected service directly.
# Example CAN frame filter using can-utils to flag malformed Single Frames
# (illustrative; adapt to your gateway or IDS rule engine).
# Requires gawk for strtonum(), rshift() and and(). candump -L prints
# "(timestamp) iface ID#DATA", so with '[# ]' as the field separator the
# data field is $4 and the PCI byte is its first two hex digits.
candump -L can0 | gawk -F'[# ]' '{
  pci  = strtonum("0x" substr($4, 1, 2));
  type = rshift(pci, 4);          # upper nibble: 0 = Single Frame
  len  = and(pci, 0x0F);          # lower nibble: declared payload length
  if (type == 0 && len > 7) print "DROP malformed SF:", $0;
}'
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.