PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46219 Linux CVE debrief

A use-after-free vulnerability exists in the Freescale MPC52xx SPI driver in the Linux kernel. During driver unbind, the state-machine work that the interrupt handler schedules was not cancelled after the interrupt had been disabled. Work that is still queued, or that an interrupt arriving before the line is quiesced re-queues, can therefore run after the driver's data structures have been freed, corrupting memory. The vulnerability affects systems using the MPC52xx SPI controller, found on embedded PowerPC platforms. Multiple stable kernel branches have received the fix, which closes the race by cancelling the work only after interrupts are disabled.

Vendor
Linux
Product
Unknown
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-28
Original CVE updated
2026-05-28
Advisory published
2026-05-28
Advisory updated
2026-05-28

Who should care

Organizations running embedded Linux on Freescale/NXP MPC52xx PowerPC processors that use the on-chip SPI controller; industrial control system operators; automotive ECU manufacturers; telecommunications equipment vendors with legacy PowerPC-based hardware

Technical summary

The MPC52xx SPI driver in the Linux kernel contains a use-after-free triggered during driver unbind. The driver's state-machine work is scheduled from the interrupt handler. If the work is cancelled while the interrupt is still enabled (or is not cancelled at all) before the driver data is freed, an interrupt arriving in that window can schedule the work again, and it then executes against freed memory. The fix orders the teardown correctly: disable the interrupt first, so nothing new can be scheduled, then cancel the pending work, and only then release the driver data. This removes the race window.
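The ordering problem described above, as a constructed single-threaded model that is not code from the mpc52xx driver or the kernel. The struct, the one-slot "workqueue", irq_handler(), cancel_state_work() and the two remove_*() paths are stand-ins for the driver data, schedule_work() from the interrupt handler, cancel_work_sync() and the driver's remove path; the use-after-free is reported as a return code rather than actually dereferenced.

```c
/*
 * Constructed model of the unbind race: added illustration, not the
 * mpc52xx driver's code. Names here are placeholders for the real
 * driver data, schedule_work(), cancel_work_sync() and remove().
 */
#include <stdbool.h>
#include <stdio.h>

struct spi_model {
    bool irq_enabled;   /* stands in for the IRQ line being requested */
    bool freed;         /* stands in for kfree() of the driver data */
};

/* One pending-work slot standing in for the kernel workqueue. */
static struct spi_model *pending_work;

/* IRQ handler stand-in: a live line schedules the state-machine work. */
static void irq_handler(struct spi_model *m)
{
    if (!m->irq_enabled)
        return;                 /* a freed/disabled IRQ never fires */
    pending_work = m;
}

/* cancel_work_sync() stand-in: drop the queued work, if any. */
static void cancel_state_work(struct spi_model *m)
{
    if (pending_work == m)
        pending_work = NULL;
}

/*
 * Workqueue drain: run whatever is pending. Returns 1 if work ran against
 * live data, 0 if nothing was pending, -1 if it ran against freed data
 * (the use-after-free, flagged rather than dereferenced in this model).
 */
static int drain_workqueue(void)
{
    struct spi_model *m = pending_work;

    if (!m)
        return 0;
    pending_work = NULL;
    return m->freed ? -1 : 1;
}

/*
 * Buggy unbind ordering: the work is cancelled while the IRQ line is still
 * live, so an interrupt landing in the window re-queues it, and the
 * re-queued work runs after the driver data is gone.
 */
static int remove_buggy(struct spi_model *m, bool irq_in_window)
{
    cancel_state_work(m);
    if (irq_in_window)
        irq_handler(m);         /* re-queues the work just cancelled */
    m->irq_enabled = false;     /* free_irq()/disable_irq() stand-in */
    m->freed = true;            /* kfree() stand-in */
    return drain_workqueue();   /* -1: work executes against freed data */
}

/*
 * Fixed ordering: quiesce the interrupt first so nothing new can be
 * scheduled, then cancel whatever is already queued, then free the data.
 */
static int remove_fixed(struct spi_model *m, bool irq_in_window)
{
    m->irq_enabled = false;
    if (irq_in_window)
        irq_handler(m);         /* ignored: the line is already down */
    cancel_state_work(m);
    m->freed = true;
    return drain_workqueue();   /* 0: nothing left to run */
}

/* Fresh device, optional work queued before unbind, then one remove path. */
static int run_scenario(bool fixed, bool prequeued, bool irq_in_window)
{
    struct spi_model m = { .irq_enabled = true, .freed = false };

    if (prequeued)
        irq_handler(&m);
    return fixed ? remove_fixed(&m, irq_in_window)
                 : remove_buggy(&m, irq_in_window);
}

int main(void)
{
    printf("buggy ordering, IRQ in window: %d\n", run_scenario(false, false, true));
    printf("fixed ordering, IRQ in window: %d\n", run_scenario(true, false, true));
    return 0;
}
```

The model is deliberately sequential: a real interrupt can land on another CPU at any point between the two calls, so the only safe teardown is one in which the interrupt source is already quiesced by the time the work is cancelled, which is the ordering the fix imposes.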

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates from distribution vendors once patches are available
  • Monitor stable kernel releases for MPC52xx SPI driver fixes
  • Review custom kernel builds for inclusion of the referenced commits
  • Validate SPI driver unload procedures in embedded deployments using MPC52xx hardware
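One way to exercise the unload path on a test board, as an added example that is not part of the advisory or the kernel tree: cycle the driver through sysfs unbind/bind and watch the kernel log for a use-after-free report. The driver directory name and device name passed in the usage comment are assumptions; read the real ones from /sys/bus/platform/drivers on the target, and run this on a KASAN-enabled test kernel so a use-after-free is reported rather than silently corrupting memory.

```shell
#!/bin/sh
# Constructed example for validating driver unload: not from the page or the
# kernel. SYSFS_DRIVERS can be overridden for testing; the driver and device
# names in the usage comment below are assumptions for the target board.

SYSFS_DRIVERS="${SYSFS_DRIVERS:-/sys/bus/platform/drivers}"

# unbind_bind_cycle DRIVER DEVICE [COUNT]
# Writes DEVICE to the driver's unbind then bind attribute COUNT times.
# Returns 0 on success, 1 if a write fails, 2 if the driver dir is absent.
unbind_bind_cycle() {
    drv="$SYSFS_DRIVERS/$1"
    dev="$2"
    n="${3:-20}"
    [ -d "$drv" ] || return 2
    i=0
    while [ "$i" -lt "$n" ]; do
        printf '%s' "$dev" > "$drv/unbind" || return 1
        printf '%s' "$dev" > "$drv/bind" || return 1
        i=$((i + 1))
    done
    return 0
}

# uaf_reported LOGFILE: succeeds if a KASAN use-after-free report is present
# (matches both the older "use-after-free" and newer "slab-use-after-free").
uaf_reported() {
    grep -q 'BUG: KASAN: .*use-after-free' "$1"
}

# Typical run on the board (driver/device names are assumptions):
#   dmesg -c > /dev/null
#   unbind_bind_cycle mpc52xx-spi fc000f00.spi 50
#   dmesg > /tmp/spi-unbind.log
#   uaf_reported /tmp/spi-unbind.log && echo "use-after-free reported"
```

A clean log after many cycles is evidence, not proof: the window is narrow and depends on SPI traffic arriving while the unbind runs, so keep a transfer going on the bus during the cycles and prefer a kernel with the referenced fix applied over a negative test result.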

Evidence notes

The vulnerability description indicates a classic race in kernel driver teardown. The fix cancels the scheduled work only after the interrupt has been disabled, so no handler can re-queue it against data that is about to be freed. Five kernel.org stable branch commits are referenced, indicating backports to multiple maintained kernel versions. No CVSS score had been assigned by NVD as of the modified date.

Official resources

2026-05-28