Linux Kernel Topcliff PCH SPI Driver Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's SPI Topcliff PCH driver. This issue arises during the unbinding process of the driver, where the DMA buffers are released before the driver has a chance to flush its message queue. As a result, there is a potential for memory corruption or exploitation.
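The teardown ordering described above, as an added userspace model (not code from the kernel driver or its patch). All struct and function names are hypothetical, and a flag stands in for the freed DMA memory so the buggy order can be counted without undefined behaviour.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
/* Userspace model only; every name here is hypothetical, not the driver's. */
struct dma_buf { unsigned char *mem; size_t len; bool live; };
struct msg { struct msg *next; };
struct ctrl { struct dma_buf dma; struct msg *queue; int done; int stale; };

static void ctrl_init(struct ctrl *c, size_t len, int nmsgs)
{
    memset(c, 0, sizeof(*c));
    c->dma.mem = calloc(1, len);
    c->dma.len = len;
    c->dma.live = c->dma.mem != NULL;
    for (int i = 0; i < nmsgs; i++) {       /* constructed pending messages */
        struct msg *m = calloc(1, sizeof(*m));
        if (!m)
            break;
        m->next = c->queue;
        c->queue = m;
    }
}

static void free_dma(struct ctrl *c)
{
    free(c->dma.mem);
    c->dma.mem = NULL;
    c->dma.live = false;
}

/* Drain the queue; each message needs the DMA buffer to complete. */
static void flush_queue(struct ctrl *c)
{
    while (c->queue) {
        struct msg *m = c->queue;
        c->queue = m->next;
        if (c->dma.live) {
            memset(c->dma.mem, 0xA5, c->dma.len);
            c->done++;
        } else {
            c->stale++;     /* in the kernel this access is the use-after-free */
        }
        free(m);
    }
}
/* Order described in the advisory: buffers released, then queue flushed. */
int unbind_buggy(int n) { struct ctrl c; ctrl_init(&c, 64, n); free_dma(&c); flush_queue(&c); return c.stale; }
/* Safe order: flush the queue first, release the buffers last. */
int unbind_fixed(int n) { struct ctrl c; ctrl_init(&c, 64, n); flush_queue(&c); free_dma(&c); return c.stale; }
```

The return value is the number of queued messages that would have touched released memory; it is zero only when the queue is drained before the buffers are freed.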

Impact

Triggering this vulnerability could lead to a use-after-free condition, a class of memory corruption issue that can be exploited to execute arbitrary code or cause a denial of service.

Reproduction

The vulnerability can be reproduced by loading the Topcliff PCH SPI driver, allowing it to handle some SPI transactions, and then unbinding the driver. During the unbinding process, the driver fails to properly manage the DMA buffers, leading to a use-after-free condition.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Jun 8, 2026, 5:47 PM
Updated: Jun 8, 2026, 5:47 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 1.3
exploitability: 3.9
remediation: 7.7
relevance: 9.3
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.