CVE-2026-46296
Published Jun 8, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe() back to s3c64xx_spi_prepare_transfer() failed to remove the corresponding deallocation from remove(). Drop the bogus DMA channel release from remove() to avoid triggering a NULL-pointer dereference on driver unbind. This issue was flagged by Sashiko when reviewing a controller deregistration fix.
EPSS — Exploit Prediction
0.0016
Probability of exploitation
0.06%
Percentile rank
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
References
Other References
https://git.kernel.org/stable/c/1108b8722b9ff0cdd3e8aa18d98244fcd93b6760
https://git.kernel.org/stable/c/1b66f16a571a10ba8889ac471755c8af9c5b9266
https://git.kernel.org/stable/c/22788b1a8611380b141e09a8896702e32d164238
https://git.kernel.org/stable/c/323a258f4b1916b5a3098618e036e033b2f2317f
https://git.kernel.org/stable/c/45daacbead8a009844bd5dba6cfa731332184d17
Frequently Asked Questions
What is CVE-2026-46296? +
In the Linux kernel, the following vulnerability has been resolved:
spi: s3c64xx: fix NULL-deref on driver unbind
A change moving DMA channel allocation from probe() back to
s3c64xx_spi_prepare_transfer() failed to remove the corresponding
deallocation from remove().
Drop the bogus DMA channel release from remove() to avoid triggering a
NULL-pointer dereference on driver unbind.
This issue was flagged by Sashiko when reviewing a controller
deregistration fix.
How do I check if I'm vulnerable to CVE-2026-46296? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.