CVE-2026-46074 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an explicit URB kill on disconnect for symmetry (even if that is not strictly required as USB core would have stopped it in the current setup).

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-27 | Assigner Linux

Product status

Default status

unaffected

8846739f52afa07e63395c80227dc544f54bd7b1 (git) before 5c6518633702d7f7b1153e9d8e042af847f11ef3

affected

8846739f52afa07e63395c80227dc544f54bd7b1 (git) before ff8a7996dc8bf433efe2126ffdaee5b374a89e30

affected

8846739f52afa07e63395c80227dc544f54bd7b1 (git) before 9bee2faf9e21c796d0d222c9d84a98f41bd303a0

affected

8846739f52afa07e63395c80227dc544f54bd7b1 (git) before b99e3ddb91b499d920e63a2daff8880be68cfe9e

affected

Default status

affected

6.11

affected

Any version before 6.11

unaffected

6.12.86 (semver)

unaffected

6.18.27 (semver)

unaffected

7.0.4 (semver)

unaffected

7.1-rc1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/5c6518633702d7f7b1153e9d8e042af847f11ef3

git.kernel.org/...c/ff8a7996dc8bf433efe2126ffdaee5b374a89e30

git.kernel.org/...c/9bee2faf9e21c796d0d222c9d84a98f41bd303a0

git.kernel.org/...c/b99e3ddb91b499d920e63a2daff8880be68cfe9e

cve.org (CVE-2026-46074)

nvd.nist.gov (CVE-2026-46074)

Download JSON

help @ threatint.eu