Lucene search
K

47 matches found

Microsoft CVE
Microsoft CVE
added 2026/04/23 8:7 a.m.5 views

spi: spi-fsl-lpspi: fix teardown order issue (UAF)

...

7.8CVSS5.2AI score0.00126EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.6 views

SUSE CVE-2026-31485

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue UAF There is a teardown order issue in the driver. The SPI controller is registered using devmspiregistercontroller, which delays unregistration of the SPI controller until after the...

7.8CVSS5.6AI score0.00126EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/22 6:56 p.m.6 views

CVE-2026-31485

A flaw was found in the spi-fsl-lpspi driver within the Linux kernel. This vulnerability, identified as a Use-After-Free UAF issue, stems from a teardown order problem during the unregistration of the Serial Peripheral Interface SPI controller. When a running SPI transfer attempts to access...

7.8CVSS5.3AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/22 3:31 p.m.7 views

EUVD-2026-24849

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue UAF There is a teardown order issue in the driver. The SPI controller is registered using devmspiregistercontroller, which delays unregistration of the SPI controller until after the...

5.6AI score0.00126EPSS
Exploits0References9
NVD
NVD
added 2026/04/22 2:16 p.m.6 views

CVE-2026-31485

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue UAF There is a teardown order issue in the driver. The SPI controller is registered using devmspiregistercontroller, which delays unregistration of the SPI controller until after the...

7.8CVSS0.00126EPSS
Exploits0References8
CVE
CVE
added 2026/04/22 1:54 p.m.15 views

CVE-2026-31485

The CVE-2026-31485 issue affects the Linux kernel SPI driver for the FSL LPSPI controller. Root cause: teardown order when unregistering the SPI controller can race with in-flight DMA transfers, causing a NULL pointer dereference (UAF) and an I/O error in DMA RX during a transfer. The documented ...

7.8CVSS5.6AI score0.00126EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.28 views

CVE-2026-31485 spi: spi-fsl-lpspi: fix teardown order issue (UAF)

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue UAF There is a teardown order issue in the driver. The SPI controller is registered using devmspiregistercontroller, which delays unregistration of the SPI controller until after the...

0.00126EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper disassembly order in the spi-fsl-lpspi driver. This vulnerability may lead to reuse...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-34390

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A teardown order issue exists in the spi-fsl-lpspi driver. The SPI controller is registered using devm spi register controller, which delays unregistration until after the fsl lpspi remo...

7.8CVSS5.5AI score0.00126EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-31485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: spi-fsl-lpspi: fix teardown order issue UAF There is a teardown order issue in the driver. The SPI controller is registered using devmspiregistercontroller...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003791)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003791 advisory. A memory leak in the fsllpspiprobe function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory...

7.8CVSS7.5AI score0.03208EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2025/11/10 12:0 a.m.44 views

Unbreakable Enterprise kernel security update

5.4.17-2136.349.3.1 - i40e: add validation for ringlen param Lukasz Czapnik Orabug: 38604171 CVE-2025-39973 - i40e: increase max descriptors for XL710 Justin Bronder Orabug: 38604171 CVE-2025-39973 5.4.17-2136.349.3 - Revert 'net/mlx5e: Update and set Xon/Xoff upon MTU set' Jakub Kicinski Orabug:...

7.2AI score0.00193EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-47051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: Fix PM reference leak in lpspipreparexferhardware pmruntimegetsync will...

5.5CVSS6AI score0.00225EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2019-19064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak in the fsllpspiprobe function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memo...

7.8CVSS7.3AI score0.03208EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/28 12:0 a.m.6 views

The vulnerability of the lpspi_prepare_xfer_hardware() function in the drivers/spi/spi-fsl-lpspi.c component of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the lpspipreparexferhardware function in the drivers/spi/spi-fsl-lpspi.c component of the Linux kernel is related to a resource leak. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00225EPSS
Exploits0References7Affected Software2
RedhatCVE
RedhatCVE
added 2024/04/17 7:28 p.m.21 views

CVE-2024-26866

A vulnerability was found in the fsllpspiprobe function in the Linux kernel, which handles memory allocation manually with the spiallochost and spialloctarget functions, but also utilizes the devmspiregistercontroller function. This could result in a potential use-after-free issue if the devm...

4.1CVSS8.5AI score0.00216EPSS
Exploits0References4
OSV
OSV
added 2024/04/17 11:15 a.m.7 views

DEBIAN-CVE-2024-26866

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

5.5CVSS5.5AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2024/04/17 11:15 a.m.16 views

CVE-2024-26866

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

5.5CVSS7.2AI score0.00216EPSS
Exploits0References4
OSV
OSV
added 2024/04/17 11:15 a.m.5 views

UBUNTU-CVE-2024-26866

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

5.5CVSS6AI score0.00216EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2024/04/17 11:15 a.m.17 views

CVE-2024-26866

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

5.5CVSS6.3AI score0.00216EPSS
Exploits0References11
Rows per page
Query Builder