CVE-2026-45996

In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration (unless the allocation is device managed). Take another reference before deregistering the controller so that the driver data is not freed until the driver is done with it.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

19 Jun 2026, 13:16

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/c7c40c3e7b9fb900504aa746de3e53c5275b24bd -

16 Jun 2026, 13:44

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-416
References () https://git.kernel.org/stable/c/132e47030b0b5e398e0da6c59df5a5dae9b52cff - () https://git.kernel.org/stable/c/132e47030b0b5e398e0da6c59df5a5dae9b52cff - Patch
References () https://git.kernel.org/stable/c/1c78c2002380a1fe31bfb01a3d5f29809e55a096 - () https://git.kernel.org/stable/c/1c78c2002380a1fe31bfb01a3d5f29809e55a096 - Patch
References () https://git.kernel.org/stable/c/385a330083f8dd47c15b02e9a83aef9234a37003 - () https://git.kernel.org/stable/c/385a330083f8dd47c15b02e9a83aef9234a37003 - Patch
References () https://git.kernel.org/stable/c/aa9025a498036b6012769f7af36d421385386c17 - () https://git.kernel.org/stable/c/aa9025a498036b6012769f7af36d421385386c17 - Patch
References () https://git.kernel.org/stable/c/f99165ef067723221472ce1aff632bc74f562643 - () https://git.kernel.org/stable/c/f99165ef067723221472ce1aff632bc74f562643 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8

27 May 2026, 14:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-05-27 14:17

Updated : 2026-06-19 13:16


NVD link : CVE-2026-45996

Mitre link : CVE-2026-45996

CVE.ORG link : CVE-2026-45996


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free