CVE-2026-46261
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel has been fixed that could lead to a NULL pointer dereference in the wpcm_fiu_probe() function. The issue occurred when platform_get_resource_byname() returned NULL, potentially causing system crashes.
Risk Assessment
Organizations may experience system crashes, leading to downtime and potential data loss. There is a high risk in critical environments where system stability is essential.
Recommendation
It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability. Additionally, systems should be monitored for potential crashes.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() platform_get_resource_byname() can return NULL, which would cause a crash when passed the pointer to resource_size(). Move the fiu->memory_size assignment after the error check for devm_ioremap_resource() to prevent the potential NULL pointer dereference.

