CVE-2026-46296

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: s3c64xx: fix NULL-deref on driver unbind

A change moving DMA channel allocation from probe() back to s3c64xx_spi_prepare_transfer() failed to remove the corresponding deallocation from remove().

Drop the bogus DMA channel release from remove() to avoid triggering a NULL-pointer dereference on driver unbind.

This issue was flagged by Sashiko when reviewing a controller deregistration fix.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf52b03c707444c5a3d1a0b9c5724f93ddc3c588e < 29e219a18e21258bdb4ee12cecd0e9ec87d7e6a7affected
LinuxLinuxf52b03c707444c5a3d1a0b9c5724f93ddc3c588e < 1108b8722b9ff0cdd3e8aa18d98244fcd93b6760affected
LinuxLinuxf52b03c707444c5a3d1a0b9c5724f93ddc3c588e < 323a258f4b1916b5a3098618e036e033b2f2317faffected
LinuxLinuxf52b03c707444c5a3d1a0b9c5724f93ddc3c588e < 1b66f16a571a10ba8889ac471755c8af9c5b9266affected
LinuxLinuxf52b03c707444c5a3d1a0b9c5724f93ddc3c588e < 22788b1a8611380b141e09a8896702e32d164238affected
LinuxLinuxf52b03c707444c5a3d1a0b9c5724f93ddc3c588e < 45daacbead8a009844bd5dba6cfa731332184d17affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.176 <= 6.1.*unaffected
LinuxLinux6.6.140 <= 6.6.*unaffected
LinuxLinux6.12.88 <= 6.12.*unaffected
LinuxLinux6.18.30 <= 6.18.*unaffected
LinuxLinux7.0.7 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References