CVE-2026-46255
Received Received - Intake
Double Free in Linux Kernel FSL EDMA Driver

Publication date: 2026-06-03

Last updated on: 2026-06-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove() The clocks in fsl_edma_engine::muxclk are allocated and enabled with devm_clk_get_enabled(), which automatically cleans these resources up, but these clocks are also manually disabled in fsl_edma_remove(). This causes warnings on driver removal for each clock: edma_module already disabled WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1200 clk_core_disable+0x198/0x1c8 [...] Call trace: clk_core_disable+0x198/0x1c8 (P) clk_disable+0x34/0x58 fsl_edma_remove+0x74/0xe8 [fsl_edma] [...] ---[ end trace 0000000000000000 ]--- edma_module already unprepared WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1059 clk_core_unprepare+0x1f8/0x220 [...] Call trace: clk_core_unprepare+0x1f8/0x220 (P) clk_unprepare+0x34/0x58 fsl_edma_remove+0x7c/0xe8 [fsl_edma] [...] ---[ end trace 0000000000000000 ]--- Fix these warnings by removing the unnecessary fsl_disable_clocks() call in fsl_edma_remove().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-03
Last Modified
2026-06-03
Generated
2026-06-04
AI Q&A
2026-06-03
EPSS Evaluated
N/A
NVD
CVE-2026-46255
EUVD
EUVD-2026-34117
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
fsl fsl_edma *
freescale fsl_edma *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is related to the Linux kernel's dmaengine driver for the Freescale EDMA (Enhanced Direct Memory Access) controller. Specifically, the issue occurs because the driver disables clocks manually in its remove function, even though these clocks are already managed and automatically cleaned up by the system. This results in warnings during driver removal, such as "edma_module already disabled" and related kernel warnings.

The root cause is that the clocks allocated and enabled with devm_clk_get_enabled() are automatically cleaned up, so manually disabling them again is unnecessary and causes these warnings. The fix removes the redundant clock disable calls in the driver's remove function.


How can this vulnerability impact me? :

This vulnerability primarily causes warning messages during the removal of the fsl_edma driver in the Linux kernel. These warnings indicate that clocks are being disabled multiple times unnecessarily.

While these warnings do not directly cause functional failures or security breaches, they can clutter system logs and potentially confuse system administrators or developers troubleshooting kernel or driver issues.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by observing warning messages related to clock disabling in the Linux kernel logs when the fsl_edma driver is removed.

  • Check kernel logs for warnings such as 'edma_module already disabled' and 'edma_module already unprepared'.
  • Use the command: dmesg | grep -i 'edma_module already disabled'
  • Use the command: dmesg | grep -i 'edma_module already unprepared'

What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation is to apply the fix that removes the unnecessary manual disabling of clocks in the fsl_edma_remove() function.

This fix prevents the warnings by relying on devm_clk_get_enabled() to automatically clean up the clocks without manual disable calls.

If you are not a developer, ensure your Linux kernel is updated to a version that includes this fix.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart