VDB

CVE-2026-46074

CVE-2026-46074 PUBLISHED

Reported by Linux · Published May 27, 2026

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an explicit URB kill on disconnect for symmetry (even if that is not strictly required as USB core would have stopped it in the current setup).

EPSS 0.02% · 6.8th percentile

Risk Scores

EPSS Score
0.02%
6.8th percentile

Affected Products

VendorProductVersions
LinuxLinux8846739f52afa07e63395c80227dc544f54bd7b1, 8846739f52afa07e63395c80227dc544f54bd7b1, 8846739f52afa07e63395c80227dc544f54bd7b1
LinuxLinux6.11, 0, 6.12.86
linuxlinux_kernel6.11, 6.11, 6.11
LinuxLinux8846739f52afa07e63395c80227dc544f54bd7b1, 8846739f52afa07e63395c80227dc544f54bd7b1, 8846739f52afa07e63395c80227dc544f54bd7b1

Timeline

  • May 27, 2026 CVE Published
  • May 28, 2026 EPSS Score
  • May 29, 2026 EPSS Score
  • May 29, 2026 Security Advisory
  • May 30, 2026 EPSS Score
  • May 31, 2026 EPSS Score
  • Jun 1, 2026 EPSS Score
  • Jun 4, 2026 Coalition ESS Score
  • Jun 5, 2026 EPSS Score
  • Jun 14, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›