Linux kernel mpc52xx SPI UAF on unbind
CVE-2026-46219 Published on May 28, 2026
spi: mpc52xx: fix use-after-free on unbind
In the Linux kernel, the following vulnerability has been resolved:
spi: mpc52xx: fix use-after-free on unbind
The state machine work is scheduled by the interrupt handler and
therefore needs to be cancelled after disabling interrupts to avoid a
potential use-after-free.
Products Associated with CVE-2026-46219
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59 and below bb6b50f709c5a01906ff72a07fdc070bb3357188 is affected.
- Version 90b72189de2cddacb26250579da0510b29a8b82b and below ee52da0dd83ebcd89ecbbe2660c57b15a25489f2 is affected.
- Version 984836621aad98802d92c4a3047114cf518074c8 and below 6c3e413919a12627d04a31a4a5fccb9fc129bb02 is affected.
- Version 984836621aad98802d92c4a3047114cf518074c8 and below bbcd6dd8e9f264440eaf6167382bf404911c1c46 is affected.
- Version 984836621aad98802d92c4a3047114cf518074c8 and below 706b3dc2ac7a998c55e14b3fd2e8f934c367e6e0 is affected.
- Version d0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1 is affected.
- Version e0c6ce8424095c2da32a063d3fc027494c689817 is affected.
- Version cd5106c77d6d6828aa82449f01f4eb436d602a21 is affected.
- Version 373d55a47dc662e5e30d12ad5d334312f757c1f1 is affected.
- Version 6.6.66 and below 6.6.140 is affected.
- Version 6.12.5 and below 6.12.90 is affected.
- Version 5.4.287 and below 5.5 is affected.
- Version 5.10.231 and below 5.11 is affected.
- Version 5.15.174 and below 5.16 is affected.
- Version 6.1.120 and below 6.2 is affected.
- Version 6.13 is affected.
- Before 6.13 is unaffected.
- Version 6.6.140, <= 6.6.* is unaffected.
- Version 6.12.90, <= 6.12.* is unaffected.
- Version 6.18.32, <= 6.18.* is unaffected.
- Version 7.0.9, <= 7.0.* is unaffected.
- Version 7.1-rc1, <= * is unaffected.