VDB

CVE-2026-31489

CVE-2026-31489 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path meson_spicc_probe() registers the controller with devm_spi_register_controller(), so teardown already drops the controller reference via devm cleanup. Calling spi_controller_put() again in meson_spicc_remove() causes a double-put.

EPSS 0.02% · 3.6th percentile

Risk Scores

EPSS Score
0.02%
3.6th percentile

Affected Products

VendorProductVersions
LinuxLinux*, 683b47d0ebb10ba0d272604b09686e023d10d40c, 05565b469358a9a03034f7f712d83590a9f125a4
linuxlinux_kernel5.14, 4.14.244, 4.19.203

Timeline

  • Apr 22, 2026 CVE Published
  • Apr 23, 2026 Security Advisory
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score
  • May 26, 2026 EPSS Score
  • May 27, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›