CVE-2026-46219

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: mpc52xx: fix use-after-free on unbind

The state machine work is scheduled by the interrupt handler and therefore needs to be cancelled after disabling interrupts to avoid a potential use-after-free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe0c6ce8424095c2da32a063d3fc027494c689817 < ac8316c896c79f32c1d0a38cb41fd2b14cf8112eaffected
LinuxLinuxcd5106c77d6d6828aa82449f01f4eb436d602a21 < ed929d40963073f23cfb50219ccbcc6e0c3ea641affected
LinuxLinux373d55a47dc662e5e30d12ad5d334312f757c1f1 < 0944b20e9dfa2917bd70eb5b301cbb67fe54a718affected
LinuxLinuxf65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59 < bb6b50f709c5a01906ff72a07fdc070bb3357188affected
LinuxLinux90b72189de2cddacb26250579da0510b29a8b82b < ee52da0dd83ebcd89ecbbe2660c57b15a25489f2affected
LinuxLinux984836621aad98802d92c4a3047114cf518074c8 < 6c3e413919a12627d04a31a4a5fccb9fc129bb02affected
LinuxLinux984836621aad98802d92c4a3047114cf518074c8 < bbcd6dd8e9f264440eaf6167382bf404911c1c46affected
LinuxLinux984836621aad98802d92c4a3047114cf518074c8 < 706b3dc2ac7a998c55e14b3fd2e8f934c367e6e0affected
LinuxLinuxd0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1affected
LinuxLinux5.10.231 < 5.10.258affected
LinuxLinux5.15.174 < 5.15.209affected
LinuxLinux6.1.120 < 6.1.175affected
LinuxLinux6.6.66 < 6.6.140affected
LinuxLinux6.12.5 < 6.12.90affected
LinuxLinux5.4.287 < 5.5affected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux5.10.258 <= 5.10.*unaffected
LinuxLinux5.15.209 <= 5.15.*unaffected
LinuxLinux6.1.175 <= 6.1.*unaffected
LinuxLinux6.6.140 <= 6.6.*unaffected
LinuxLinux6.12.90 <= 6.12.*unaffected
LinuxLinux6.18.32 <= 6.18.*unaffected
LinuxLinux7.0.9 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References