Use After Free Vulnerability in Linux Kernel SPI Controller by Vendor
CVE-2026-31485

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-31485?

A vulnerability exists in the Linux kernel related to the SPI controller implementation. The issue arises from an improper teardown order in the driver, specifically due to the delayed unregistration of the SPI controller when using devm_spi_register_controller(). This flaw can lead to a use after free scenario; if a SPI transfer is active while the DMA channels are being torn down synchronously, it may result in a NULL pointer dereference. The resolution involves switching to spi_register_controller() for proper handling during registration and unregistering the controller correctly during the removal process.

Affected Version(s)

Linux 5314987de5e5f5e38436ef4a69328bc472bbd63e

References

https://git.kernel.org/stable/c/fbe6f40caeebb0b1ea9dfedc2...

https://git.kernel.org/stable/c/ca4483f36ac1b62e69f8b182c...

https://git.kernel.org/stable/c/e3fd54f8b0317fbccc103961d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31485 Data

JSON