CVE-2026-43460

Severity: High · CVSS 3.1: 7.8 · EPSS: 2.0%
Published May 8, 2026 · Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

spi: rockchip-sfc: Fix double-free in remove() callback

The driver uses devm_spi_register_controller() for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to spi_unregister_controller() in the remove() callback can lead to a double-free.

And to make sure controller is unregistered before DMA buffer is unmapped, switch to use spi_register_controller() in probe().
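
An added user-space C model of the unbind ordering the description relies on (an illustration, not the rockchip-sfc driver code or the upstream patch). All `model_*`, `probe_*`, `remove_*` and `run_*` names are hypothetical, and it assumes the DMA buffer is unmapped in remove(); it counts unregister calls for the pre-fix flow, for a variant that only drops the manual call, and for the flow the fix adopts.

```c
/* Constructed user-space model, not kernel code: counts calls instead of freeing. */
#include <stddef.h>
#include <stdio.h>

struct ctlr { int registered, unregister_calls, unmapped_while_registered; };
struct dev {
    void (*devres[4])(struct ctlr *);   /* queued devm cleanup actions */
    size_t n;
    struct ctlr c;
};
struct result { int unregister_calls, unmapped_while_registered; };

static void model_unregister(struct ctlr *c) { c->unregister_calls++; c->registered = 0; }
static void model_dma_unmap(struct ctlr *c) { if (c->registered) c->unmapped_while_registered = 1; }

/* devm-style registration queues the unregister for after remove() returns */
static void model_devm_register(struct dev *d) { d->c.registered = 1; d->devres[d->n++] = model_unregister; }
static void model_register(struct dev *d) { d->c.registered = 1; }

/* Before the fix: devm registration plus a manual unregister in remove() */
static void probe_before(struct dev *d) { model_devm_register(d); }
static void remove_before(struct dev *d) { model_unregister(&d->c); model_dma_unmap(&d->c); }

/* Hypothetical alternative: only drop the manual call, keep devm registration */
static void remove_devm_only(struct dev *d) { model_dma_unmap(&d->c); }

/* After the fix: plain registration, remove() unregisters once, then unmaps */
static void probe_after(struct dev *d) { model_register(d); }
static void remove_after(struct dev *d) { model_unregister(&d->c); model_dma_unmap(&d->c); }

/* Driver-core model: remove() runs first, then devres actions in reverse order */
struct result unbind(void (*probe)(struct dev *), void (*remove)(struct dev *)) {
    struct dev d = {0};
    probe(&d);
    remove(&d);
    while (d.n) d.devres[--d.n](&d.c);
    return (struct result){ d.c.unregister_calls, d.c.unmapped_while_registered };
}

struct result run_before(void)    { return unbind(probe_before, remove_before); }
struct result run_devm_only(void) { return unbind(probe_before, remove_devm_only); }
struct result run_after(void)     { return unbind(probe_after, remove_after); }

int main(void) {
    struct result b = run_before(), m = run_devm_only(), a = run_after();
    printf("before: %d unregisters; devm-only: unmapped while registered=%d; after: %d unregisters\n",
           b.unregister_calls, m.unmapped_while_registered, a.unregister_calls);
    return 0;
}
```

The middle variant shows why the description pairs removing the duplicate call with switching to spi_register_controller(): with devm registration alone, the unmap in remove() runs while the controller is still registered.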

CVSS Details

Base Score: 7.8
Exploitability: 1.8
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability
2.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-415

Affected Products 5

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥6.14 – <6.18.19
linux    linux_kernel   *         ≥6.19 – <6.19.9
linux    linux_kernel   7.0       any
linux    linux_kernel   7.0       any
linux    linux_kernel   7.0       any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/111e2863372c322e836e0c896f6dd9cf4ee08c71
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/85fb53351e6a3b921357a2178671e847a087e400
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b6051f2bdd4bd3dde85b68558edd3a6843489221
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/111e2863372c322e836e0c896f6dd9cf4ee08c71
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/85fb53351e6a3b921357a2178671e847a087e400
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b6051f2bdd4bd3dde85b68558edd3a6843489221
    Patch