CVE-2021-46959
CVE-2021-46959 is a Linux kernel SPI subsystem use-after-free issue (devm_spi_alloc_{master,slave}) caused by relying on the devres list during spi_unregister_controller. The root cause is that devres_find() runs after the devres list has been torn down, leading to underflow of reference counters...