CVE Catalog

CVE-2026-46225

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability related to SPI controller deregistration has been fixed in the Linux kernel. The issue was that the controller was not properly deregistered before releasing resources like DMA during driver unbind.

Risk Assessment

Improper deregistration of the controller may lead to memory leaks or other resource issues, potentially affecting system stability.

Recommendation

It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and ensure proper resource management.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS