CVE Catalog

CVE-2026-46241

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, a vulnerability related to use-after-free on SPI mpc52xx controller registration failure has been fixed. The issue was due to not disabling and freeing interrupts, which could lead to resource leaks.

Risk Assessment

Organizations may be at risk of exploitation of this vulnerability, potentially leading to unauthorized access or system instability.

Recommendation

It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and ensure that interrupts are disabled and freed in case of controller registration failure.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on registration failure Make sure to disable and free the interrupts in case controller registration fails to avoid a potential use-after-free and resource leak. This issue was flagged by Sashiko when reviewing a controller deregistration fix.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS