CVE-2026-46241
Use-After-Free in Linux Kernel SPI MPC52xx Driver
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's spi: mpc52xx driver. It occurs when the controller registration fails but interrupts are not properly disabled and freed, which can lead to accessing freed memory and resource leaks.
How can this vulnerability impact me? :
The vulnerability can cause a use-after-free condition and resource leaks in the Linux kernel. This may lead to system instability, crashes, or potential exploitation by attackers to execute arbitrary code or cause denial of service.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability involves a use-after-free issue in the Linux kernel's spi: mpc52xx driver when controller registration fails.
To mitigate this vulnerability, ensure that your Linux kernel is updated to a version where this issue is fixed.
Specifically, the fix involves disabling and freeing interrupts if controller registration fails to avoid use-after-free and resource leaks.