Zurück zur CVE-Übersicht
CVE-2026-45996
HIGH(7.8)CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Risk Signal Score20/100 — NIEDRIG
- CVSS 7.8 — Hoch
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.8
Technische Schwere
Beschreibung
In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration (unless the allocation is device managed). Take another reference before deregistering the controller so that the driver data is not freed until the driver is done with it.
Referenzen
- https://git.kernel.org/stable/c/132e47030b0b5e398e0da6c59df5a5dae9b52cff
- https://git.kernel.org/stable/c/1c78c2002380a1fe31bfb01a3d5f29809e55a096
- https://git.kernel.org/stable/c/385a330083f8dd47c15b02e9a83aef9234a37003
- https://git.kernel.org/stable/c/aa9025a498036b6012769f7af36d421385386c17
- https://git.kernel.org/stable/c/c7c40c3e7b9fb900504aa746de3e53c5275b24bd
- https://git.kernel.org/stable/c/f99165ef067723221472ce1aff632bc74f562643