CVE-2026-46219

high

Description

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on unbind The state machine work is scheduled by the interrupt handler and therefore needs to be cancelled after disabling interrupts to avoid a potential use-after-free.

References

https://git.kernel.org/stable/c/ee52da0dd83ebcd89ecbbe2660c57b15a25489f2

https://git.kernel.org/stable/c/bbcd6dd8e9f264440eaf6167382bf404911c1c46

https://git.kernel.org/stable/c/bb6b50f709c5a01906ff72a07fdc070bb3357188

https://git.kernel.org/stable/c/706b3dc2ac7a998c55e14b3fd2e8f934c367e6e0

https://git.kernel.org/stable/c/6c3e413919a12627d04a31a4a5fccb9fc129bb02

Details

Source: Mitre, NVD

Published: 2026-05-28

Updated: 2026-05-28

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018