CVE-2026-46219
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability related to use-after-free has been fixed in the Linux kernel in the spi: mpc52xx component. The issue occurred in the state machine work scheduled by the interrupt handler, which could lead to unsafe memory access.
Risk Assessment
Exploitation of this vulnerability could lead to unpredictable system behavior, including crashes or data integrity issues. Organizations should be aware of the risks associated with running an outdated kernel.
Recommendation
It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and minimize the risks associated with use-after-free.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on unbind The state machine work is scheduled by the interrupt handler and therefore needs to be cancelled after disabling interrupts to avoid a potential use-after-free.

