SPI Controller Deregistration Issue in Linux Kernel
CVE-2026-46225

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46225?

A vulnerability has been identified in the Linux kernel related to SPI (Serial Peripheral Interface) controller deregistration. This issue occurs when the controller fails to properly deregister before releasing essential resources like Direct Memory Access (DMA) during the driver unbind process. Properly managing this deregistration is critical to ensure that system resources are not mismanaged, which could lead to potential security exploits. The Linux community has addressed this issue in recent updates, underscoring the importance of keeping systems up to date to mitigate risks associated with improper resource handling.

Affected Version(s)

Linux 9e03d05eee4ca45ed12749ef6c26bf616262cdd2 < 77defd64b405b680db73d767313fce770d368368

Linux 9e03d05eee4ca45ed12749ef6c26bf616262cdd2

References

https://git.kernel.org/stable/c/77defd64b405b680db73d7673...

https://git.kernel.org/stable/c/c5090db1b31de3ef4db0cda7e...

https://git.kernel.org/stable/c/aee76c1dd189562c6678313ca...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46225 Data

JSON