CVE-2026-31783
MEDIUM EPSS 2.2%
Published May 1, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published May 1, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove() callback aml_sfc_probe() registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup action after successful registration so nand_ecc_unregister_on_host_hw_engine() runs automatically on probe failures and during device removal.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 9
References 3
- git.kernel.org https://git.kernel.org/stable/c/5e11741aec3b242a197250b473c37b58f53a16b6
- git.kernel.org https://git.kernel.org/stable/c/b0dc7e7c56573e7a52080f25f3179a45f3dd7e6f
- git.kernel.org https://git.kernel.org/stable/c/ee4c064e37d4d0ddc5a7580933dbe79a2c6acafc
Remediation
- git.kernel.org https://git.kernel.org/stable/c/5e11741aec3b242a197250b473c37b58f53a16b6
- git.kernel.org https://git.kernel.org/stable/c/b0dc7e7c56573e7a52080f25f3179a45f3dd7e6f
- git.kernel.org https://git.kernel.org/stable/c/ee4c064e37d4d0ddc5a7580933dbe79a2c6acafc