7.8

CVE-2026-46219

spi: mpc52xx: fix use-after-free on unbind

In the Linux kernel, the following vulnerability has been resolved:

spi: mpc52xx: fix use-after-free on unbind

The state machine work is scheduled by the interrupt handler and
therefore needs to be cancelled after disabling interrupts to avoid a
potential use-after-free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.287 < 5.5
LinuxLinux Kernel Version >= 5.10.231 < 5.10.258
LinuxLinux Kernel Version >= 5.15.174 < 5.15.209
LinuxLinux Kernel Version >= 6.1.120 < 6.1.175
LinuxLinux Kernel Version >= 6.6.66 < 6.6.140
LinuxLinux Kernel Version >= 6.12.5 < 6.12.90
LinuxLinux Kernel Version >= 6.13.1 < 6.18.32
LinuxLinux Kernel Version >= 6.19 < 7.0.9
LinuxLinux Kernel Version6.13 Update-
LinuxLinux Kernel Version6.13 Updaterc2
LinuxLinux Kernel Version6.13 Updaterc3
LinuxLinux Kernel Version6.13 Updaterc4
LinuxLinux Kernel Version6.13 Updaterc5
LinuxLinux Kernel Version6.13 Updaterc6
LinuxLinux Kernel Version6.13 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.032
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/bb6b50f709c5a01906ff72a07fdc070bb3357188
Patch
https://git.kernel.org/stable/c/ee52da0dd83ebcd89ecbbe2660c57b15a25489f2
Patch
https://git.kernel.org/stable/c/6c3e413919a12627d04a31a4a5fccb9fc129bb02
Patch
https://git.kernel.org/stable/c/bbcd6dd8e9f264440eaf6167382bf404911c1c46
Patch
https://git.kernel.org/stable/c/706b3dc2ac7a998c55e14b3fd2e8f934c367e6e0
Patch
https://git.kernel.org/stable/c/0944b20e9dfa2917bd70eb5b301cbb67fe54a718
Patch
https://git.kernel.org/stable/c/ac8316c896c79f32c1d0a38cb41fd2b14cf8112e
Patch
https://git.kernel.org/stable/c/ed929d40963073f23cfb50219ccbcc6e0c3ea641
Patch