CVE-2026-46241
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, a vulnerability related to use-after-free on SPI mpc52xx controller registration failure has been fixed. The issue was due to not disabling and freeing interrupts, which could lead to resource leaks.
Risk Assessment
Organizations may be at risk of exploitation of this vulnerability, potentially leading to unauthorized access or system instability.
Recommendation
It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and ensure that interrupts are disabled and freed in case of controller registration failure.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on registration failure Make sure to disable and free the interrupts in case controller registration fails to avoid a potential use-after-free and resource leak. This issue was flagged by Sashiko when reviewing a controller deregistration fix.

