CVE-2026-45996
published 2026-05-27CVE-2026-45996: In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any…
medium5.5
In the Linux kernel, the following vulnerability has been resolved:
spi: imx: fix use-after-free on unbind
The SPI subsystem frees the controller and any subsystem allocated
driver data as part of deregistration (unless the allocation is device
managed).
Take another reference before deregistering the controller so that the
driver data is not freed until the driver is done with it.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux | — | — |
| linux | linux | >= 307c897db762d1e0feee9477276b08f6deca4a5b < f99165ef067723221472ce1aff632bc74f562643 | f99165ef067723221472ce1aff632bc74f562643 |
| linux | linux | >= 307c897db762d1e0feee9477276b08f6deca4a5b < 385a330083f8dd47c15b02e9a83aef9234a37003 | 385a330083f8dd47c15b02e9a83aef9234a37003 |
| linux | linux | >= 307c897db762d1e0feee9477276b08f6deca4a5b < 132e47030b0b5e398e0da6c59df5a5dae9b52cff | 132e47030b0b5e398e0da6c59df5a5dae9b52cff |
| linux | linux | >= 307c897db762d1e0feee9477276b08f6deca4a5b < aa9025a498036b6012769f7af36d421385386c17 | aa9025a498036b6012769f7af36d421385386c17 |
| linux | linux | >= 307c897db762d1e0feee9477276b08f6deca4a5b < 1c78c2002380a1fe31bfb01a3d5f29809e55a096 | 1c78c2002380a1fe31bfb01a3d5f29809e55a096 |
| linux | linux_kernel | — | — |