CVE-2026-46074

medium

Description

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an explicit URB kill on disconnect for symmetry (even if that is not strictly required as USB core would have stopped it in the current setup).

References

https://git.kernel.org/stable/c/ff8a7996dc8bf433efe2126ffdaee5b374a89e30

https://git.kernel.org/stable/c/b99e3ddb91b499d920e63a2daff8880be68cfe9e

https://git.kernel.org/stable/c/9bee2faf9e21c796d0d222c9d84a98f41bd303a0

https://git.kernel.org/stable/c/5c6518633702d7f7b1153e9d8e042af847f11ef3

Details

Source: Mitre, NVD

Published: 2026-05-27

Updated: 2026-05-27

Risk Information

CVSS v2

Base Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium