CVE-2026-45996
spi: imx: fix use-after-free on unbind
In the Linux kernel, the following vulnerability has been resolved:
spi: imx: fix use-after-free on unbind
The SPI subsystem frees the controller and any subsystem allocated
driver data as part of deregistration (unless the allocation is device
managed).
Take another reference before deregistering the controller so that the
driver data is not freed until the driver is done with it.
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/132e47030b0b5e398e0da6c59df5a5dae9b52cffhttps://git.kernel.org/stable/c/1c78c2002380a1fe31bfb01a3d5f29809e55a096https://git.kernel.org/stable/c/385a330083f8dd47c15b02e9a83aef9234a37003https://git.kernel.org/stable/c/aa9025a498036b6012769f7af36d421385386c17https://git.kernel.org/stable/c/c7c40c3e7b9fb900504aa746de3e53c5275b24bdhttps://git.kernel.org/stable/c/f99165ef067723221472ce1aff632bc74f562643