CVE-2026-46083 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup() if spi_setup() fails while registering a device to avoid leaking any resources allocated by setup().

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products

References

Link	Providers
https://git.kernel.org/stable/c/11baa8b24bcb07ae2048f2566a220021d766abe0
https://git.kernel.org/stable/c/1e774294b2f944f59e03a04eb438768a4b93c3ce
https://git.kernel.org/stable/c/a2c817c629430fbbd54273525b472dac96e2c8fd
https://git.kernel.org/stable/c/db357034f7e0cf23f233f414a8508312dfe8fbbe
https://git.kernel.org/stable/c/dbcead54b12468d9aa54c0e1f0042d838ec3b0ae
https://lore.kernel.org/linux-cve-announce/2026052701-CVE-2026-46083-3ddd@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-46083
https://www.cve.org/CVERecord?id=CVE-2026-46083

History

Thu, 28 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-772
References		https://lore.kernel.org/linux-cve-announce/2026052701-CVE-2026-46083-3ddd@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-46083 https://www.cve.org/CVERecord?id=CVE-2026-46083
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 27 May 2026 18:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-368

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup() if spi_setup() fails while registering a device to avoid leaking any resources allocated by setup().
Title		spi: fix resource leaks on device setup failure
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/11baa8b24bcb07ae2048f2566a220021d766abe0 https://git.kernel.org/stable/c/1e774294b2f944f59e03a04eb438768a4b93c3ce https://git.kernel.org/stable/c/a2c817c629430fbbd54273525b472dac96e2c8fd https://git.kernel.org/stable/c/db357034f7e0cf23f233f414a8508312dfe8fbbe https://git.kernel.org/stable/c/dbcead54b12468d9aa54c0e1f0042d838ec3b0ae

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-27T12:58:23.376Z

Updated: 2026-05-27T12:58:23.376Z

Reserved: 2026-05-13T15:03:33.096Z

Link: CVE-2026-46083

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:29.723

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-46083

Redhat

Severity : Low

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-46083 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-27T18:00:15Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object