Use-After-Free Vulnerability in Linux Kernel Affecting MPC52xx SPI Controller
CVE-2026-46241

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46241?

A use-after-free vulnerability has been identified in the Linux kernel related to the MPC52xx SPI controller. This issue arises during device registration failures where interrupts aren't properly disabled and released, leading to potential resource leaks and unsafe access. The problem was revealed by a review of a controller deregistration fix, necessitating a thorough check to ensure proper cleanup during the registration process. System administrators should ensure they are using patched versions of the Linux kernel to mitigate this vulnerability.

Affected Version(s)

Linux 42bbb70980f3720b0ae6da6af862af0e95a04351 < 8b49b6aadd0c622ca7d68b4a53ae10362e221cf3

Linux 42bbb70980f3720b0ae6da6af862af0e95a04351 < 336d9ad7560b3baba17af06727a888040ee93390

Linux 42bbb70980f3720b0ae6da6af862af0e95a04351 < 5c77f11b9b5f1ad5a704dad875260c44016ede10

References

https://git.kernel.org/stable/c/8b49b6aadd0c622ca7d68b4a5...

https://git.kernel.org/stable/c/336d9ad7560b3baba17af0672...

https://git.kernel.org/stable/c/5c77f11b9b5f1ad5a704dad87...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46241 Data

JSON