CVE-2026-31389
Published: Apr 3, 2026
Modified: May 11, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free on controller registration failure Make sure to deregister from driver core also in the unlikely event that per-cpu statistics allocation fails during controller registration to avoid use-after-free (of driver resources) and unclocked register accesses.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 6598b91b5ac32bc756d7c3000a31f775d4ead1c4 - < 0e23f50086da7d0b183dfeac26021acfcdee086baffected 6598b91b5ac32bc756d7c3000a31f775d4ead1c4 - < 6bbd385b30c7fb6c7ee0669e9ada91490938c051affected 6598b91b5ac32bc756d7c3000a31f775d4ead1c4 - < afe27c1f43aa57530011f419be6ddf71306565d2affected 6598b91b5ac32bc756d7c3000a31f775d4ead1c4 - < 80f3e8cd2b4ad355b2ad2024cf423f6d183404f7affected 6598b91b5ac32bc756d7c3000a31f775d4ead1c4 - < 23b51bad2eb8787aa74324cfccefb258515ae5ba+1 more versions |
Linux | Linux | affected 6.0unaffected 0 - < 6.0unaffected 6.1.167 - <= 6.1.*unaffected 6.6.130 - <= 6.6.*unaffected 6.12.78 - <= 6.12.*+3 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now