CVE-2026-46296
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, a vulnerability in the s3c64xx SPI driver was found. Moving DMA channel allocation from probe() to s3c64xx_spi_prepare_transfer() failed to remove the corresponding deallocation from remove(), causing a NULL-pointer dereference on driver unbind.
Risk Assessment
The risk involves a potential kernel panic or system crash when unbinding the SPI driver, which could disrupt devices relying on this interface.
Recommendation
Immediately update the Linux kernel to a version containing the fix that removes the bogus DMA channel release from remove().
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe() back to s3c64xx_spi_prepare_transfer() failed to remove the corresponding deallocation from remove(). Drop the bogus DMA channel release from remove() to avoid triggering a NULL-pointer dereference on driver unbind. This issue was flagged by Sashiko when reviewing a controller deregistration fix.

