In the Linux kernel, the following vulnerability has been resolved:
spi: imx: fix use-after-free on unbind
The SPI subsystem frees the controller and any subsystem allocated
driver data as part of deregistration (unless the allocation is device
managed).
Take another reference before deregistering the controller so that the
driver data is not freed until the driver is done with it.
References
Configurations
Configuration 1 (hide)
|
History
19 Jun 2026, 13:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
16 Jun 2026, 13:44
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Linux linux Kernel
Linux |
|
| CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
| CWE | CWE-416 | |
| References | () https://git.kernel.org/stable/c/132e47030b0b5e398e0da6c59df5a5dae9b52cff - Patch | |
| References | () https://git.kernel.org/stable/c/1c78c2002380a1fe31bfb01a3d5f29809e55a096 - Patch | |
| References | () https://git.kernel.org/stable/c/385a330083f8dd47c15b02e9a83aef9234a37003 - Patch | |
| References | () https://git.kernel.org/stable/c/aa9025a498036b6012769f7af36d421385386c17 - Patch | |
| References | () https://git.kernel.org/stable/c/f99165ef067723221472ce1aff632bc74f562643 - Patch | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
27 May 2026, 14:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-27 14:17
Updated : 2026-06-19 13:16
NVD link : CVE-2026-45996
Mitre link : CVE-2026-45996
CVE.ORG link : CVE-2026-45996
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free
