PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46200 Linux CVE debrief

A use-after-free vulnerability in the Linux kernel's Freescale MPC52xx SPI driver could allow local attackers to cause denial of service or potentially escalate privileges. The flaw occurs because the SPI controller is deregistered after underlying resources (interrupts, GPIOs) have already been disabled and released during driver unbind, creating a race condition where the controller may attempt to access freed memory.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-28
Advisory published: 2026-05-28
Advisory updated: 2026-05-28

Who should care

Organizations running Linux on Freescale MPC52xx-based embedded systems or industrial controllers that use SPI interfaces. Kernel maintainers and distribution security teams should prioritize backporting the stable tree commits.

Technical summary

The mpc52xx_spi driver in the Linux kernel contains a use-after-free vulnerability in its teardown path. When the driver is unbound, the code disables and releases interrupts and GPIOs before deregistering the SPI controller. This ordering creates a window in which the SPI core may still hold references to the controller while its underlying hardware resources have already been freed. The fix reorders the operations to deregister the controller first, ensuring no active references remain before resource cleanup. The vulnerability is exposed only to local attackers and requires the ability to trigger a driver unbind.
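To make the ordering problem concrete, the following is an added userspace model and not the kernel driver's code: the struct, the model_ functions and the assumption that deregistration finishes in-flight transfers through the driver's callbacks are all constructed for this illustration.

```c
#include <stdbool.h>

/* One controller plus the resources its transfer path depends on. */
struct model_ctrl {
    bool registered;   /* still known to the SPI core */
    bool irq_live;     /* interrupt handlers still registered */
    bool gpio_live;    /* chip-select GPIOs still owned */
    int  pending;      /* transfers the core has queued but not finished */
    int  bad_accesses; /* transfer path touched an already released resource */
};
/* The driver's transfer path needs the IRQ and the CS GPIO. */
static void model_run_transfer(struct model_ctrl *c)
{
    if (!c->irq_live || !c->gpio_live)
        c->bad_accesses++; /* the use-after-free in the real driver */
    c->pending--;
}
/* Stand-in for deregistration: in this model the core finishes in-flight
 * transfers through the driver's callbacks before dropping the controller. */
static void model_unregister(struct model_ctrl *c)
{
    while (c->pending > 0)
        model_run_transfer(c);
    c->registered = false;
}
static void model_release_resources(struct model_ctrl *c)
{
    c->irq_live = false;  /* interrupts disabled and freed */
    c->gpio_live = false; /* GPIOs released */
}
/* Vulnerable order from the advisory: release resources, then deregister. */
int model_unbind_vulnerable(struct model_ctrl *c)
{
    model_release_resources(c);
    model_unregister(c); /* drains transfers against freed resources */
    return c->bad_accesses;
}
/* Fixed order: deregister first, so nothing can reach the resources later. */
int model_unbind_fixed(struct model_ctrl *c)
{
    model_unregister(c);
    model_release_resources(c);
    return c->bad_accesses;
}
/* Run one unbind on a fresh controller with `queued` in-flight transfers. */
int model_scenario(bool fixed_order, int queued)
{
    struct model_ctrl c = { true, true, true, queued, 0 };
    return fixed_order ? model_unbind_fixed(&c) : model_unbind_vulnerable(&c);
}
```

With no transfers in flight both orders are harmless, which is why the issue only surfaces when unbind races with active SPI work.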

Defensive priority

medium

Recommended defensive actions

  • Apply kernel patches from stable branches once available through distribution channels
  • Monitor distribution security advisories for updated kernel packages
  • Review systems using Freescale MPC52xx-based hardware for SPI controller utilization
  • Consider disabling SPI controller hot-unbind if not required until patches are applied

Evidence notes

The vulnerability description is sourced from the official CVE record and NVD entry, both published 2026-05-28. Four kernel.org stable tree commits are referenced as resolution evidence. No CVSS score has been assigned as of the modified date (2026-05-28T13:44:01.663Z). The vendor identification carries low confidence and requires review.

Official resources

The vulnerability was disclosed via the Linux kernel stable tree on 2026-05-28, with patches committed to multiple stable branches. The issue was identified and resolved by kernel maintainers during routine driver maintenance.