Linux Kernel SPI mpc52xx UAF on Reg Fail
CVE-2026-46241 Published on May 28, 2026
spi: mpc52xx: fix use-after-free on registration failure
In the Linux kernel, the following vulnerability has been resolved:
spi: mpc52xx: fix use-after-free on registration failure
Make sure to disable and free the interrupts in case controller
registration fails to avoid a potential use-after-free and resource
leak.
This issue was flagged by Sashiko when reviewing a controller
deregistration fix.
Products Associated with CVE-2026-46241
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 42bbb70980f3720b0ae6da6af862af0e95a04351 and below 8b49b6aadd0c622ca7d68b4a53ae10362e221cf3 is affected.
- Version 42bbb70980f3720b0ae6da6af862af0e95a04351 and below 336d9ad7560b3baba17af06727a888040ee93390 is affected.
- Version 42bbb70980f3720b0ae6da6af862af0e95a04351 and below 5c77f11b9b5f1ad5a704dad875260c44016ede10 is affected.
- Version 42bbb70980f3720b0ae6da6af862af0e95a04351 and below f62c060272b9d7423b1650b844e8e4e7b8f9f925 is affected.
- Version 2.6.33 is affected.
- Before 2.6.33 is unaffected.
- Version 6.12.90, <= 6.12.* is unaffected.
- Version 6.18.32, <= 6.18.* is unaffected.
- Version 7.0.9, <= 7.0.* is unaffected.
- Version 7.1, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.