CVE-2026-46228

{"id": "CVE-2026-46228", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "affected": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "affectedData": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "8846739f52afa07e63395c80227dc544f54bd7b1", "lessThan": "4422fc2411cbbdf5104a914e0596bb483faea254", "versionType": "git"}, {"status": "affected", "version": "8846739f52afa07e63395c80227dc544f54bd7b1", "lessThan": "108a64b27a52f781c4f3751641e3dd65c7dd2fb5", "versionType": "git"}, {"status": "affected", "version": "8846739f52afa07e63395c80227dc544f54bd7b1", "lessThan": "abe572f630bc1f0e77041012ab075869036ede4f", "versionType": "git"}], "programFiles": ["drivers/spi/spi-ch341.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.11"}, {"status": "unaffected", "version": "0", "lessThan": "6.11", "versionType": "semver"}, {"status": "unaffected", "version": "6.18.32", "versionType": "semver", "lessThanOrEqual": "6.18.*"}, {"status": "unaffected", "version": "7.0.9", "versionType": "semver", "lessThanOrEqual": "7.0.*"}, {"status": "unaffected", "version": "7.1", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/spi/spi-ch341.c"], "defaultStatus": "affected"}]}], "published": "2026-05-28T10:16:38.433", "references": [{"url": "https://git.kernel.org/stable/c/108a64b27a52f781c4f3751641e3dd65c7dd2fb5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4422fc2411cbbdf5104a914e0596bb483faea254", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/abe572f630bc1f0e77041012ab075869036ede4f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-401"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: ch341: fix devres lifetime\n\nUSB drivers bind to USB interfaces and any device managed resources\nshould have their lifetime tied to the interface rather than parent USB\ndevice. This avoids issues like memory leaks when drivers are unbound\nwithout their devices being physically disconnected (e.g. on probe\ndeferral or configuration changes).\n\nFix the controller and driver data lifetime so that they are released\non driver unbind.\n\nNote that this also makes sure that the SPI controller is placed\ncorrectly under the USB interface in the device tree."}], "lastModified": "2026-06-17T10:53:22.360", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13FAF5D0-1114-4FE3-8D82-8605F86F9518", "versionEndExcluding": "6.18.32", "versionStartIncluding": "6.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33ACA10B-B260-46EA-BD50-70EBE5097672", "versionEndExcluding": "7.0.9", "versionStartIncluding": "6.19"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}