CVE-2026-31489

Published: Apr 22, 2026Modified: Jun 1, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path meson_spicc_probe() registers the controller with devm_spi_register_controller(), so teardown already drops the controller reference via devm cleanup. Calling spi_controller_put() again in meson_spicc_remove() causes a double-put.

Affected (16)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

16 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.14.244 to 4.15
Linux Linux Kernel	From 4.19.203 to 4.20
Linux Linux Kernel	From 5.10.58 to 5.11
Linux Linux Kernel	From 5.13.10 to 5.14
Linux Linux Kernel	From 5.14.1 to 6.12.80
Linux Linux Kernel	From 5.4.140 to 5.5
Linux Linux Kernel	From 6.13 to 6.18.21
Linux Linux Kernel	From 6.19 to 6.19.11
Linux Linux Kernel	Version 5.14
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6
Linux Linux Kernel	Version 7.0 rc7