CVE-2026-45996
spi: imx: fix use-after-free on unbind
In the Linux kernel, the following vulnerability has been resolved:
spi: imx: fix use-after-free on unbind
The SPI subsystem frees the controller and any subsystem allocated
driver data as part of deregistration (unless the allocation is device
managed).
Take another reference before deregistering the controller so that the
driver data is not freed until the driver is done with it.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/132e47030b0b5e398e0da6c59df5a5dae9b52cffhttps://git.kernel.org/stable/c/1c78c2002380a1fe31bfb01a3d5f29809e55a096https://git.kernel.org/stable/c/385a330083f8dd47c15b02e9a83aef9234a37003https://git.kernel.org/stable/c/aa9025a498036b6012769f7af36d421385386c17https://git.kernel.org/stable/c/c7c40c3e7b9fb900504aa746de3e53c5275b24bdhttps://git.kernel.org/stable/c/f99165ef067723221472ce1aff632bc74f562643