Use-After-Free Vulnerability in Linux Kernel Affecting Multiple Products
CVE-2026-46219

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46219?

A vulnerability in the Linux kernel's spi: mpc52xx component has been identified, which involves a use-after-free scenario during the unbind process. The issue arises when the state machine work, scheduled by the interrupt handler, is not properly canceled after interrupts are disabled, potentially leading to memory corruption or unexpected behavior. Users are advised to apply security patches to mitigate this risk.

Affected Version(s)

Linux f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59

Linux 90b72189de2cddacb26250579da0510b29a8b82b

Linux 984836621aad98802d92c4a3047114cf518074c8 < 6c3e413919a12627d04a31a4a5fccb9fc129bb02

References

https://git.kernel.org/stable/c/bb6b50f709c5a01906ff72a07...

https://git.kernel.org/stable/c/ee52da0dd83ebcd89ecbbe266...

https://git.kernel.org/stable/c/6c3e413919a12627d04a31a4a...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46219 Data

JSON