59 matches found
SUSE CVE-2026-46200
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix controller deregistration Make sure to deregister the controller before disabling and releasing underlying resources like interrupts and gpios during driver unbind...
CVE-2026-46225
The CVE-2026-46225 entry concerns the Linux kernel SPI driver (rspi). The issue is resolved by ensuring the SPI controller is deregistered before releasing resources (e.g., DMA) during driver unbind. This describes a cleanup/order-of-operations fix in the rspi controller deregistration path. Ther...
CVE-2026-46200
CVE-2026-46200 concerns the Linux kernel SPI MPC52xx driver. The issue is addressed by a fix that ensures proper deregistration of the SPI controller before the driver unbind sequence proceeds to disable and release underlying resources (e.g., interrupts and GPIOs). The root cause centers on dere...
CVE-2026-46148
The CVE concerns the Linux kernel’s SPI microchip-core-qspi driver. The coreQSPI IP supports a single auto-controlled chip select, which could conflict with devices using GPIO CS lines when multiple devices are present. The automated CS logic pulls the built‑in CS low during activity and high whe...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the SPI controller does not properly unregister the controller before releasing...
PT-2026-44271
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the microchip-core-qspi driver where the built-in chip select is automatically operated by hardware. When multiple devices are attached to the QSPI controller, the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: removed system-wide suspend helper calls from runtime PM hooks The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. These calls have been remov...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Resources are freed even if the runtime resume attempt fails in .remove. An early error exit in atmelqspiremove does not prevent the device from being unbound. This results in an SPI controller with an unbound...
CVE-2026-43460
A flaw was found in the Linux kernel's rockchip-sfc driver. This vulnerability occurs because the driver attempts to unregister a Serial Peripheral Interface SPI controller twice during device removal. This double-free operation can lead to memory corruption, which may allow a local attacker to...
CVE-2026-43460
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...
CVE-2026-43460 spi: rockchip-sfc: Fix double-free in remove() callback
In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...
CVE-2026-43460
In the Linux kernel rockchip-sfc driver, CVE-2026-43460 is caused by a double-free of an SPI controller: the driver uses devm_spi_register_controller(), which auto-unregisters on device removal, but remove() also calls spi_unregister_controller(), creating a double-free. The mitigation implemente...
PT-2026-36418
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback aml sfc probe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...
SUSE CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
DEBIAN-CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
SUSE CVE-2026-31489
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...
EUVD-2026-24857
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...
CVE-2026-31489 spi: meson-spicc: Fix double-put in remove path
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...