CVE-2026-46074

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: ch341: fix memory leaks on probe failures

Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free.

Also add an explicit URB kill on disconnect for symmetry (even if that is not strictly required as USB core would have stopped it in the current setup).

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8846739f52afa07e63395c80227dc544f54bd7b1 < 5c6518633702d7f7b1153e9d8e042af847f11ef3affected
LinuxLinux8846739f52afa07e63395c80227dc544f54bd7b1 < ff8a7996dc8bf433efe2126ffdaee5b374a89e30affected
LinuxLinux8846739f52afa07e63395c80227dc544f54bd7b1 < 9bee2faf9e21c796d0d222c9d84a98f41bd303a0affected
LinuxLinux8846739f52afa07e63395c80227dc544f54bd7b1 < b99e3ddb91b499d920e63a2daff8880be68cfe9eaffected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.12.86 <= 6.12.*unaffected
LinuxLinux6.18.27 <= 6.18.*unaffected
LinuxLinux7.0.4 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References