CVE-2026-46255
Analyzed Analyzed - Analysis Complete
Double Free in Linux Kernel FSL EDMA Driver

Publication date: 2026-06-03

Last updated on: 2026-06-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove() The clocks in fsl_edma_engine::muxclk are allocated and enabled with devm_clk_get_enabled(), which automatically cleans these resources up, but these clocks are also manually disabled in fsl_edma_remove(). This causes warnings on driver removal for each clock: edma_module already disabled WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1200 clk_core_disable+0x198/0x1c8 [...] Call trace: clk_core_disable+0x198/0x1c8 (P) clk_disable+0x34/0x58 fsl_edma_remove+0x74/0xe8 [fsl_edma] [...] ---[ end trace 0000000000000000 ]--- edma_module already unprepared WARNING: CPU: 0 PID: 418 at drivers/clk/clk.c:1059 clk_core_unprepare+0x1f8/0x220 [...] Call trace: clk_core_unprepare+0x1f8/0x220 (P) clk_unprepare+0x34/0x58 fsl_edma_remove+0x7c/0xe8 [fsl_edma] [...] ---[ end trace 0000000000000000 ]--- Fix these warnings by removing the unnecessary fsl_disable_clocks() call in fsl_edma_remove().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-03
Last Modified
2026-06-09
Generated
2026-06-24
AI Q&A
2026-06-03
EPSS Evaluated
2026-06-22
NVD
CVE-2026-46255
EUVD
EUVD-2026-34117
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.13 (inc) to 6.18.14 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.4 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.75 (exc)
linux linux_kernel From 6.6 (inc) to 6.6.128 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is related to the Linux kernel's dmaengine driver for the Freescale EDMA (Enhanced Direct Memory Access) controller. Specifically, the issue occurs because the driver disables clocks manually in its remove function, even though these clocks are already managed and automatically cleaned up by the system. This results in warnings during driver removal, such as "edma_module already disabled" and related kernel warnings.

The root cause is that the clocks allocated and enabled with devm_clk_get_enabled() are automatically cleaned up, so manually disabling them again is unnecessary and causes these warnings. The fix removes the redundant clock disable calls in the driver's remove function.

Compliance Impact

There is no information available in the provided context or resources about how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

This vulnerability primarily causes warning messages during the removal of the fsl_edma driver in the Linux kernel. These warnings indicate that clocks are being disabled multiple times unnecessarily.

While these warnings do not directly cause functional failures or security breaches, they can clutter system logs and potentially confuse system administrators or developers troubleshooting kernel or driver issues.

Detection Guidance

This vulnerability can be detected by observing warning messages related to clock disabling in the Linux kernel logs when the fsl_edma driver is removed.

  • Check kernel logs for warnings such as 'edma_module already disabled' and 'edma_module already unprepared'.
  • Use the command: dmesg | grep -i 'edma_module already disabled'
  • Use the command: dmesg | grep -i 'edma_module already unprepared'
Mitigation Strategies

The immediate mitigation is to apply the fix that removes the unnecessary manual disabling of clocks in the fsl_edma_remove() function.

This fix prevents the warnings by relying on devm_clk_get_enabled() to automatically clean up the clocks without manual disable calls.

If you are not a developer, ensure your Linux kernel is updated to a version that includes this fix.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46255. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart