CVE-2026-46060

In the Linux kernel, the following vulnerability has been resolved:

crypto: qat - fix IRQ cleanup on 6xxx probe failure

When adf dev up() partially completes and then fails, the IRQ handlers registered during adf isr resource alloc() are not detached before the MSI-X vectors are released.

Since the device is enabled with pcim enable device(), calling pci alloc irq vectors() internally registers pcim msi release() as a devres action. On probe failure, devres runs pcim msi release() which calls pci free irq vectors(), tearing down the MSI-X vectors while IRQ handlers (for example 'qat0-bundle0') are still attached. This causes remove proc entry() warnings:

[ 22.163964] remove proc entry: removing non-empty directory 'irq/143', leaking at least 'qat0-bundle0'

Moving the devm add action or reset() before adf dev up() does not solve the problem since devres runs in LIFO order and pcim msi release(), registered later inside adf dev up(), would still fire before adf device down().

Fix by calling adf dev down() explicitly when adf dev up() fails, to properly free IRQ handlers before devres releases the MSI-X vectors.