VYPR
High severity7.8NVD Advisory· Published May 27, 2026· Updated Jun 16, 2026

CVE-2026-45996

CVE-2026-45996

Description

In the Linux kernel, the following vulnerability has been resolved:

spi: imx: fix use-after-free on unbind

The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration (unless the allocation is device managed).

Take another reference before deregistering the controller so that the driver data is not freed until the driver is done with it.

Affected products

3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.