Linux Kernel Use-After-Free Vulnerability in SPI MPC52XX Driver

Vulnerability

A use-after-free vulnerability has been addressed in the Linux kernel's SPI MPC52XX driver. The driver's interrupt handler schedules state machine work, and that work must be canceled after interrupts are disabled to prevent potential memory access errors. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, potentially allowing for memory corruption or arbitrary code execution.

Reproduction

The vulnerability can be reproduced by loading a module that uses the SPI MPC52XX driver, whose interrupt handler schedules work. If the module is then removed without first canceling this scheduled work, a use-after-free condition can be created.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.
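
The teardown ordering described under Vulnerability, modeled in userspace C as an added example; it is not the driver's code or the upstream patch. It counts how often queued work would run after the driver state is freed for three remove orderings. All names (model_dev, simulate_remove and the rest) are hypothetical.

```c
#include <stdbool.h>

/* Constructed userspace model; all names are hypothetical, not driver code. */
struct model_dev {
    bool irq_enabled;   /* interrupt handler still registered */
    bool work_pending;  /* state machine work queued, not yet run */
    bool freed;         /* driver state released by remove */
    int late_runs;      /* work executions that happened after the free */
};

/* Interrupt handler: its only job is to schedule the state machine work. */
static void model_irq(struct model_dev *d)
{
    if (d->irq_enabled)
        d->work_pending = true;
}

/* Workqueue side: run whatever is queued and record a run after the free. */
static void model_run_work(struct model_dev *d)
{
    if (d->work_pending && d->freed)
        d->late_runs++; /* in a kernel this would touch freed memory */
    d->work_pending = false;
}

enum teardown { NO_CANCEL, CANCEL_THEN_DISABLE, DISABLE_THEN_CANCEL };

/* One remove sequence with an interrupt arriving between every step.
 * Cancel is modeled as clearing the queue; waiting for a running item,
 * which the kernel's cancel_work_sync() also does, is not modeled. */
int simulate_remove(enum teardown order)
{
    struct model_dev d = { .irq_enabled = true };

    model_irq(&d);                      /* device busy when remove starts */
    if (order == CANCEL_THEN_DISABLE)
        d.work_pending = false;
    model_irq(&d);                      /* interrupt lands mid-teardown */
    d.irq_enabled = false;              /* interrupts disabled */
    if (order == DISABLE_THEN_CANCEL)
        d.work_pending = false;
    model_irq(&d);                      /* ignored: handler is gone */
    d.freed = true;                     /* remove releases driver state */
    model_run_work(&d);                 /* queued work finally executes */
    return d.late_runs;
}
```

Only the ordering that disables interrupts first and cancels afterwards leaves nothing queued at the point of the free; canceling first leaves a window in which the handler re-queues the work.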

Added: May 28, 2026, 11:04 AM
Updated: May 28, 2026, 11:04 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 1.3
exploitability: 3.9
remediation: 7.7
relevance: 9.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.