59 matches found
SUSE CVE-2026-46200
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix controller deregistration Make sure to deregister the controller before disabling and releasing underlying resources like interrupts and gpios during driver unbind...
CVE-2026-46225
CVE-2026-46225 concerns the Linux kernel SPI host controller driver (rspi). The issue arises when deregistering the controller: resources such as DMA can be released before proper deregistration, potentially impacting availability. The root cause is captured as “spi: rspi: fix controller deregist...
CVE-2026-46200
CVE-2026-46200 affects the Linux kernel SPI MPC52xx driver. The issue stems from improper controller deregistration: the driver may deregister the controller after or without ensuring proper release of resources (interrupts, GPIOs) during driver unbind, risking system instability or resource exha...
CVE-2026-46148
CVE-2026-46148 concerns the Linux kernel’s microchip-core-qspi driver where the built-in chip select could be driven active when multiple devices share the QSPI controller, potentially conflicting with GPIO-based CS. The provided records confirm a concrete fix: the driver now controls chip select...
PT-2026-44271
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the microchip-core-qspi driver where the built-in chip select is automatically operated by hardware. When multiple devices are attached to the QSPI controller, the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the SPI controller does not properly unregister the controller before releasing...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: removed system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. These calls have been remov...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Resources are freed even if the runtime resume attempt fails in .remove. An early error exit in atmelqspiremove does not prevent the device from being unbound. This results in an SPI controller with an unbound...
CVE-2026-43460
A flaw was found in the Linux kernel's rockchip-sfc driver. This vulnerability occurs because the driver attempts to unregister a Serial Peripheral Interface SPI controller twice during device removal. This double-free operation can lead to memory corruption, which may allow a local attacker to...
CVE-2026-43460
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...
CVE-2026-43460 spi: rockchip-sfc: Fix double-free in remove() callback
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...
CVE-2026-43460
In the Linux kernel rockchip-sfc driver, CVE-2026-43460 is caused by a double-free of an SPI controller: the driver uses devm_spi_register_controller(), which auto-unregisters on device removal, but remove() also calls spi_unregister_controller(), creating a double-free. The mitigation implemente...
PT-2026-36418
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback aml sfc probe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...
SUSE CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
DEBIAN-CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
SUSE CVE-2026-31489
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...
EUVD-2026-24857
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...
CVE-2026-31489
This CVE (CVE-2026-31489) affects the Linux kernel meson-spicc SPI controller driver. The vulnerability arises from a double-put: meson_spicc_probe() registers the controller with devm_spi_register_controller(), and the removal path erroneously calls spi_controller_put() again in meson_spicc_remo...