CVE-2026-46203
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel related to unclocked register access during driver unbind has been fixed. The issue involves ensuring the controller is runtime resumed before disabling it.
Risk Assessment
Improper state management of the controller may lead to unforeseen errors in the system, potentially impacting the stability and security of applications using this controller.
Recommendation
It is recommended to update the Linux kernel to the latest version to ensure proper management of register access for the controller.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: fix unclocked access on unbind Make sure that the controller is runtime resumed before disabling it during driver unbind to avoid an unclocked register access. This issue was flagged by Sashiko when reviewing a controller deregistration fix.

