CVE-2026-46296 - Vulnerability Details

- spi: s3c64xx: fix NULL-deref on driver unbind

Description

In the Linux kernel, the following vulnerability has been resolved:

spi: s3c64xx: fix NULL-deref on driver unbind

A change moving DMA channel allocation from probe() back to
s3c64xx_spi_prepare_transfer() failed to remove the corresponding
deallocation from remove().

Drop the bogus DMA channel release from remove() to avoid triggering a
NULL-pointer dereference on driver unbind.

This issue was flagged by Sashiko when reviewing a controller
deregistration fix.

Published: 2026-06-08

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`f52b03c707444c5a3d1a0b9c5724f93ddc3c588e`	affected	< 29e219a18e21258bdb4ee12cecd0e9ec87d7e6a7
`f52b03c707444c5a3d1a0b9c5724f93ddc3c588e`	affected	< 1108b8722b9ff0cdd3e8aa18d98244fcd93b6760
`f52b03c707444c5a3d1a0b9c5724f93ddc3c588e`	affected	< 323a258f4b1916b5a3098618e036e033b2f2317f
`f52b03c707444c5a3d1a0b9c5724f93ddc3c588e`	affected	< 1b66f16a571a10ba8889ac471755c8af9c5b9266
`f52b03c707444c5a3d1a0b9c5724f93ddc3c588e`	affected	< 22788b1a8611380b141e09a8896702e32d164238
`f52b03c707444c5a3d1a0b9c5724f93ddc3c588e`	affected	< 45daacbead8a009844bd5dba6cfa731332184d17

Linux

affected

Version	Status	Constraints
`6.0`	affected	—
`0`	unaffected	< 6.0
`6.1.176`	unaffected	≤ 6.1.*
`6.6.140`	unaffected	≤ 6.6.*
`6.12.88`	unaffected	≤ 6.12.*
`6.18.30`	unaffected	≤ 6.18.*
`7.0.7`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[f52b03c707444c5a3d1a0b9c5724f93ddc3c588e,1108b8722b9ff0cdd3e8aa18d98244fcd93b6760)`	affected	code_commit	—
`[f52b03c707444c5a3d1a0b9c5724f93ddc3c588e,323a258f4b1916b5a3098618e036e033b2f2317f)`	affected	code_commit	—
`[f52b03c707444c5a3d1a0b9c5724f93ddc3c588e,1b66f16a571a10ba8889ac471755c8af9c5b9266)`	affected	code_commit	—
`[f52b03c707444c5a3d1a0b9c5724f93ddc3c588e,22788b1a8611380b141e09a8896702e32d164238)`	affected	code_commit	—
`[f52b03c707444c5a3d1a0b9c5724f93ddc3c588e,45daacbead8a009844bd5dba6cfa731332184d17)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.0`	affected	generic	—
`[0,6.0)`	unaffected	generic	—
`[6.6.140,7.0.0)`	unaffected	semver	—
`[6.12.88,7.0.0)`	unaffected	semver	—
`[6.18.30,7.0.0)`	unaffected	semver	—
`[7.0.7,8.0.0)`	unaffected	semver	—
`[7.1-rc1,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00161.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/1108b8722b9ff0cdd3e8aa18d98244fcd93b6760
https://git.kernel.org/stable/c/1b66f16a571a10ba8889ac471755c8af9c5b9266
https://git.kernel.org/stable/c/22788b1a8611380b141e09a8896702e32d164238
https://git.kernel.org/stable/c/29e219a18e21258bdb4ee12cecd0e9ec87d7e6a7
https://git.kernel.org/stable/c/323a258f4b1916b5a3098618e036e033b2f2317f
https://git.kernel.org/stable/c/45daacbead8a009844bd5dba6cfa731332184d17
https://lore.kernel.org/linux-cve-announce/2026060858-CVE-2026-46296-1408@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-46296
https://www.cve.org/CVERecord?id=CVE-2026-46296

History

Fri, 19 Jun 2026 12:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/29e219a18e21258bdb4ee12cecd0e9ec87d7e6a7

Tue, 09 Jun 2026 02:15:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-476

Tue, 09 Jun 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-763
References		https://lore.kernel.org/linux-cve-announce/2026060858-CVE-2026-46296-1408@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-46296 https://www.cve.org/CVERecord?id=CVE-2026-46296

Mon, 08 Jun 2026 19:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476

Mon, 08 Jun 2026 17:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe() back to s3c64xx_spi_prepare_transfer() failed to remove the corresponding deallocation from remove(). Drop the bogus DMA channel release from remove() to avoid triggering a NULL-pointer dereference on driver unbind. This issue was flagged by Sashiko when reviewing a controller deregistration fix.
Title		spi: s3c64xx: fix NULL-deref on driver unbind
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1108b8722b9ff0cdd3e8aa18d98244fcd93b6760 https://git.kernel.org/stable/c/1b66f16a571a10ba8889ac471755c8af9c5b9266 https://git.kernel.org/stable/c/22788b1a8611380b141e09a8896702e32d164238 https://git.kernel.org/stable/c/323a258f4b1916b5a3098618e036e033b2f2317f https://git.kernel.org/stable/c/45daacbead8a009844bd5dba6cfa731332184d17

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-08T15:46:23.539Z

Updated: 2026-06-19T12:00:10.948Z

Reserved: 2026-05-13T15:03:33.110Z

Link: CVE-2026-46296

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-08T17:16:48.037

Modified: 2026-06-08T17:16:48.037

Link: CVE-2026-46296

Redhat

Severity :

Publid Date: 2026-06-08T00:00:00Z

Links: CVE-2026-46296 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-09T03:45:26Z

Weaknesses

CWE-763

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object