CVE-2026-46219

EUVD-2026-32846
In the Linux kernel, the following vulnerability has been resolved:

spi: mpc52xx: fix use-after-free on unbind

The state machine work is scheduled by the interrupt handler and
therefore needs to be cancelled after disabling interrupts to avoid a
potential use-after-free.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
7.0.9-1
fixed
sid
7.0.10-1
fixed
trixie
vulnerable
trixie (security)
6.12.90-2
fixed
References
https://git.kernel.org/stable/c/6c3e413919a12627d04a31a4a5fccb9fc129bb02
https://git.kernel.org/stable/c/706b3dc2ac7a998c55e14b3fd2e8f934c367e6e0
https://git.kernel.org/stable/c/bb6b50f709c5a01906ff72a07fdc070bb3357188
https://git.kernel.org/stable/c/bbcd6dd8e9f264440eaf6167382bf404911c1c46
https://git.kernel.org/stable/c/ee52da0dd83ebcd89ecbbe2660c57b15a25489f2